Check  out  BuzzWog 

It  w*»  nnK  a  man*-r  of  time  he4nn»  Vt  Bu a  columnre* 

K.  ll  M'  \> --.rTh  wo  )ld  t*v  M«  U 


I  ^  ^  1  Factor  Is  security  in  the  cloud'  the  way  to  go? 

W  Brad  Vfifter  of  FWimeter  Vfwndung  sows  he  sees  sunnx  iia\s  ahead  for  m-theclimd 
services  But  Bn  ice  Schneter  of  Counterpane  has  a  countervailing  optnion 


®  WiderNet 


r»«**  wcau 


They’ve  heard  ’em  all 

IT  pros  recount  their  favorite  tales  of  clueless  users. 


M 


■V  JENNIFER  Ml ARS  AND  DINISI  DUBIf 

I  .* i k  1  \  \iu1n-ss  vv.is  working  III  n  .i!  .1  university  libtarx 
I  when  die  told  a  UVI  that  to  help  mnnl  a  «.  ompuler 
I  problem  shed  haw  to  sec  her  cookies 
"They  brought  me  homemade  cookies  the  next  day"  says 
Andress*  memliei  of  the  Network  VSdrid  Lab  Alliance  and  pres¬ 
ident  ol  secunty  consulting  firm  AnSec  Technologies 
*1  was  initially  a  bit  confused  but  then  just  had  to  laugh* 
Andress  sax's,  adding  ttiat  tlie  user  had  been  quite  serious 
that  kind  ol  misunderstanding  isnt  unusual  lor  IT  prolessioo- 
als  dealing  with  users  who  aren't  necessarily  the  must  tech- 
savvy  Discussions  with  more  tlian  a  dozen  IT  people  turned  up 
sit  »nes  dial  tanged  horn  die  naixe  to  die  Uzane 
"Vhi  haxe  to  haxe  a  good  sense  of  humor  to  work  at  this*  says 
Jetl  \kTutnxiie  dutvlor  ol  IT  at  guitar  strings  and  accessories 
maker  Ernie  Ball  of  San  Luis  Obtspu. Calif. 

“M\  taxonte  request  is  hum  people  wanting  me  to  Restart  the 
Internet  [bevausr]  it  seems  dozen, 'he  sayvT'm  going  to  quit 

II 


2 

i  ° 

I  lO 


a 

i 

o. 
1 1 
$ 


*00 


Security  titans  ready 
for  showdown  at  RSA 


BY  ELLEN  MESSMER  ANO  TIM  GREENE 

Network-acce*  control  and  security-policy  en¬ 
forcement  are  expected  to  grab  much  of  the  lime¬ 
light  at  thrs  week s  RSA  Conference  2006.  which  orga¬ 
nizers  estimate  will  draw  14.000  attendee*  and  more 
than  300  exhibitors. 

The  roster  of  keynote  speakers  reads  like  a  who's 
who  of  IT  industry  CEOs  Bill  Giles  of  Microsoft.  Art 
Covvello  of  RSA  Secunty  Scott  McNealy  of  Sun.  John 
Chambers  of  Cisco,  Stratton  Sclaxus  of  WnSign,  John 

Mar*  RSA  Conftrenc*  mws  insida: 

•  Cbod  Landing  Start*  kUntger  aheft  [rim—  mgfc- 

cortv*  i  >  Rig»  11 

•  kinro  nndn  urge!  netnriczs  anrl  Pip  21 

•  look  B  UMTS  net—  MQrty  RMn  hp  J1 


Thompson  of  Symantec  and  Thomas  Nik  man  of 
Internet  Secunty  Systems  ( ISS) 

In  his  keynote  a«klr**». Chambers  will  be  talking  up 
Cisco's  Network  Admission  Control  program,  which 
reties  on  the  company's  switch**  and  routers  to  en¬ 
force  end(Kimt  veurity  policy  such  as  requiring  anti¬ 
virus  updates  or  *  tftware  patches  C»cc >  aLv  >  plans  to 
ann<  Hi  nee  Cisco  Security  Manager,  management  v  >ft 
wan*  that  is  integrand  into  the  company's  monitor¬ 
ing,  analysis  and  response  system 
Cisco's  vision  will  not  go  unchallenged 
3Com.  which  is  dispatching  its  Chief  Technology 
and  Strategy  Officer  Marc  Willebeek-LeMair  to  pr»- 
sent  a  keynote  on  Thursday  is  expected  to  launch  its 
vxalled  (Quarantine  Protection  System 
Presented  as  an  alternative  to  Cisco  technology,  the 

S««  RSA  paga  58 


How  do  the 
feds  tap 
phone  lines? 


BY  SANDRA  GITTLEN 

Senate  heanngs  in  Washington 
last  week  focused  on  whet  tier 
the  National  Security  Agency 
needs  a  warrant  before  it  con¬ 
ducts  domestic  surveillance,  but 
from  a  technology  perspectixe, 
the  lawlul  wiretap  process  is 
pretty  stratghtiurward 

Lets  say  ULS forces  in  Iraq  or 
elsewhere  capture  a  laptop  or 
cefl  phone  containing  the  phone 
number  ol  someone  suspected 
of  1  wrong  links  *o  A1  Qaeda  And 
let  s  assume  that  Law  enforce 


metri  goes  to  the  appropriate 
court  and  obtains  a  warrant  to 


tap  that  phone  numbet 


II 


FEATURING: 


ROBUST  ★  EASY  TO  USE  *  AFFORD,. 


OPEN  STANDARDS  FOR  VIRTUALLY  LIMITLESS  SECURE  AND  SC 
■  i  . . ' .  PLUS: 

NEAR  UNIVERSAL  CONNECTIVITY  I  SEAMLESS  REAL 


1NCLUDINCH  SERVICES 


BETWEEN  BUSINESS-CRITICAL  APPS 


POWER  YOUR  S.O.A.  WITH  TRUE  ESB.  POWER  YOUR  BUSINESS  WITH 


IBM  MIDDLEWARE.  POWERFUL  PROVEN. 


IBM,  the  IBM  logo  and  WebSphere  are  registered  trademarks  or  trademarks  of  International  Business  Machines  Corporation  In  the 


■ti 


a,  y 


SI 


■ 


.A' 


IX 


/ 


ue  TUNNE 

“V5  VISION 


■ISTEB  MIA  NANAGDDVT  KEFS  SUO  BFOMMTIM  IN  TV  HOPES! 


UNPARALLELED  BUSINESS.  INDUSTRY 
i  IMPLEMENTATION  EXPERTISE  ■ 


POWERFUL  CONTROL  OVER  CUSTOMER. 

PRODUCT  l  SUPPLIER  INFORMATION 

- riUS:l 

NEAVYVEIBHT  SECUMH.  RIGOROUS  COMPLIANCE,  BOOSTED  ABILITY  AND  PROFITABILITY  1 

REAL-TIME  DELIVERY  OF  ACCURATE.  CONSISTENT  A  COMPLETE  INFORMATION^ 

M  NMlfVABE.  PtWEWJL  PtOVEN.  TOUT  BACK  AT  ffWV.IBM.COM/WBDLEVARE 


twMiUi 


iooo  arid  Tivoli  are  r< 


IBM  LOTUS'  NOTES*  &  DOMINO*  PRESENT 


YOU 


uc  YESTERDAY’S  MESSAGING, 
15  TOMORROW’S  DEMANDS 


BUSINESS  CRITICAL  COLLABORATION  TAKES  ON  WEAK  KNEED  PRODUCTIVITY* 


FEATURING  SPECIAL  GUEST: 

THE  NEW  LOTUS  NOTES  t  DOMINO  7  *  BEYOND  E-MAIL.  BEYOND  CALENDARING,  BEYOND  "IT'LL  DO 


r 


H 


■m  SUPER  HEAVYWEIGHT  SECURITY 
FEATURES  /  EFFORTLESS  MANAGEABILITY  / 
CONTINUING  INNOVATION 
FOR  BUSINESS-CRITICAL  COLLABORATION 


KNOCK-OUT  APPLICATION 
DEVELOPMENT  TOOLS 


LOTUS  NOTES  A  DOMINO  7  -  A  MEMBER  OF  THE  IBM  WORKPLACE  FAMILY 

★  IBM  MIDDLEWARE.  POV  £RFUL.  PROVEN.  * 

FIGHT  BACK  AT  WWW.IBM.COM/MIDDLEWA  "PRODUCTIVE  ill ClAUENtEM  IEICONE 


Oracle  Fusion  Middleware 


"Excellent 


Oracle  Application  Server  10 g.  Release  2 


InfoWorld  Ranking:  Excellent 


Criteria  Score 

Manageability  10.0 

Integration  9.0 

Interoperability  8.0 

Performance  8.0 

Scalability  9.0 

Reliability  8.0 

Value  8.0 


InfoWorld  Review,  April  11,  2005 


Oracle  Fusion  Middleware 

Hot-Pluggable.  Comprehensive. 


J2EE  —  Enterprise  Portal  —  Identity  Management — Integration  —  Data  Hub  —  Business  Intelligence 


oracle.com/middleware 
or  call  1.800.ORACLE1 


Copyright  ©  2005,  Oracle.  All  rights  reserved.  Oracle,  JD  Edwards  and  PeopleSoft  are  registered  trademarks  of  Oracle  Corporation  and/or  its  affiliates. 

Other  names  may  be  trademarks  of  their  respective  owners. 


NETWORKWORLD 


law 


wwwnrtworkworkt  cwi  •  7 


News 

II  hiffc  i m  «(>#*  W.r  i  IPv6. 

It  Vertron  odwdi  tusrws*  Vi#' 

!J  HP  "twtrtyiriR  flora*  if«radfr. 

B  4P  tKfslH  ProCurve  switch  r#. 

M  IBM  o  ucr/iii' t  .  wr  ■  *  BladcCenter. 

M  Demo  *06  si!K  ttk  flagi  tor  no*  flrttrjnv  «m 
II  cisco  launatio*  warn*  m«M|en«ni  ptallirn, 
tl  AOL  Yahoo  aontromrsy  around  loo  tuvri  e 


Net  Infrastructure 

71  IhKsdvv  tt*  liturf  d  htwrort 
71  ltd/  ta*  tar  «nta  (ftps 
17  SymatK  to  o'Vr  orini 
protnawii  wrwtxis 
17  4mu  vmjs  wKKiiirs 
network  atxxKs  control 

Enterprise  Computing 

71  Ho!  wifi  4;i;4n.jr  cSvffs  ntu 


Technology  Update 

37  M  >iai  (An  ihomm  fir  SOI 

SUUUNS 

37  Dm  Urn  b  Dr  rttni 
SI  Mart  CAM:  I  man  rxtfl  Sir'. 
Army  knrfr. 

SI  Ktel  Star:  God  turns  ft,r« 
aid  attar  neat  fluff 

Opinions 


Featun 

The 

future  of 
software: 


Online 


www.networkworfd.com 


Available  only  on  NetworfcWorld.com 

6tl  ym  WIN  apfiutiwa  actar-  Nvtwert  Ward  (TVta 


The  trad! 
application  is 
detid: 
long  live 

SOftWi 

as  a 

In  His  package  of  stones  that  starts  on  P*0 
4^  industry  ttiou^w  leaders  share  thnr  vtsnn  of 
the  future  of  software:  _ 

Rasrtne  CEO  Charles  Slack  says  trafooml  apps 
are  an  arafrr  that  hold  compares  down.  Page  44. 


Thu  week  of  Feb.  27.  wel  hnld  ,n 
(tecussam  on  ways  to  .renter 
Cdcmms  .1708  the  WAN  Get 
answers  from  experts  .it  Qsoi. 
Orro.  Padcuwr  ,md  SAcr  Piu* 
Silrfl  your  questions  now  to 
4#rtn  *  nww  com.  We  i  hove  a 
fcnry  of  papers  to  Drone. 

ta  Map  tatag 

NotBu//  cctemst  P»i  McNamara 
niu*u->  thn  leap  to  the  bkflpspherfl. 
Jon  n  the  Hm  .md  see  what  he's 

!.*n  lint  tattar  1132 


Intrepid  video  reporters  Keith  Shaw 
and  Jason  Meserve  rnanim)  the 
show  last  week.  dfltDng  with  the 
people  behnri  the  contest  new  fluff. 

taftar  2134 

*■  *  a-  mmrjj  u-i  • _ a 

NHwin  wwnw  Oil  M4I 

David  Cohn  of  IBM  s  U  Watson 
Research  Centers  betas  compa 
ms  need  to  focus  on  the  nouns  ;n 
wel  .»  the  verts  when  t  comes  to 
tUMl  otpetta  .md  It  needs  ro 
support  it  Wutchhu^imutH 
mnm  taftar  2135 


Online  help  and  advice 

Iwfcag  tta  mm  Mt  *f  ywr 


Help  Desk  guru  Hon  Nutter  heps 
a  user  concerned  by  ret  lent  worm 
news  to  rednitle  Ik  secunt  y 


SImM  ym  luMf  iM  < 

Cotemfl  Mark  Gtts  looks  it 
fnprovmg  your  XMI  appicaiion 
devekjpnHit  with  Stylus  Studio 

2134 


vnuai  lapt  pool 

IS  SWsn't  vrtuak'alhvi  taiyjuts 

hytti  avaiattev 

21  HM  talk  'kg’tr  FtaHi  ok«h 

flMHdS 

Application  Services 

71  louts  .K»ro»  vOfly 

orams. 

71  Inatyts*  (iul  always  wiui  t 


41 1»  Iiteafligy  Plwuuri 

want: 

41  Jiff  Liyiu  kerivng  out 

surety; 

41  tan  btan  Mil  putter* 
yanders  wi  own  ISB  markets 
U  lutl*  v  1  svsitw  tor 
UKhuv  suKxn 

M  Net  Bur  >  <J.  rr> 

no*  dm;  cakid  Bui.tiMR 


WebEx  Smal  Busness  President  Rck  FaiJk  pre 
dels  the  future  wi  be  on  demand  software. 

Pag*  45. 

Sin  CTO  Greg  PapudupotJos  says  the  two  big 
trends  are  open  soiree  and  software  as  a 
service  Page  46. 

Constant  Josh  Greertaiin  presets  that  IT 
owes  it  ergoy  a  buyer's  markt  Pagi  46. 


MM 

M  tta  Irwtar  k  iKid  as  4 

kigtskiiiv*  tarn. 

It  V.n.i  ikyflaiv  It  twufl 
messaging  sotmubs 

M  tftCUL  itCfi  lit*)  taokks. 
dau  nogrulur.  analyse. 


Management 

Strategies 

Utalitaita 

IT 

tapt  s»  His  h* 
wpnlts  ch*t 
squucA’  «wer>«wf 
3*1  tan  ta*  hr 
•**«** 


U  tau  1«  Jita  Write  to 
raadnottn  KCs  iteruaktr 
St  WhaMidift  Bans  v  vrwr 
ter  SMB  nanat 


( (K)l  TOOLS 


•  wi 

it. 


Analyst  Tom  Kucharvy  says  the  entre  ISV  busi¬ 
ness  mode  s  rapdy  drungjng.  Pagi  M. 

Face-Off:  Is  security  m  the 
cloud'  the  way  to  go? 

Brad  Ufcr  of  Perimeter  Netwurkng  says  he 
sees  s/ry  days  ahead  for  n-the-doud  ser¬ 
ies  But  Bruce  Schneer  of  Counterpane  has  a 

coutervjing  opnon  Pagi  4!. 

■  CONTACT  US  Wrjna  Ad  SoJm^nj^jr. 

IAA  Nuk  US  rnt>SSS3  Hul  .»  N^t*  t  tm ufc 


caw  STAff;  Sm  M  a»  tmp  «  Mr 


efforts. 

taftar  2136 

talMOtattat 
rate  ate  ta  ta  ata  tta 

Newfleder  wnter  Ouve  Keurns  dh 
cu5*a  now  to  ersire  a  vnoofh  ni 
out  of  an  dettt  y  maruKcmett 

taftar  2137 


Seminars  and  events 

latwart  M  iiUMwrf  II*  ta  Can  CinqWit/ 

lop  K)  (laisujm  network  rrwnagcn  must  answer  nghf  now  If)  Which 
metrics  are  (he  most  teftng.  and  how  should  I  report  thenir’  9  How  is 
mwgjon  mMung  veuriy  management  more  matte?  8  When  opnr.ti/.i 
tun  tecfrwua  idd  the  most  v-mie?  for  the  rest  mend  No  »ork 
Mimagrirurt  the  New  Care  Competency  a  free  Fecnnotty  /  ’our  Cvent 
taftar  2141 


6«(  i  pntM? 

Post  It  n  our  Ihrume  ;md  get  help. 
Wove  got  B  the  key  enterprMe  up 
01  covered.  Free  regnlntion  » 
nsured  (heps  keep  the  women 
at  bay  and  lets  you  get  notif^iimn 
of  repies  to  your  puds) 
taftar  2t39 


BREAKING  NEWS 

G«  lit  *  Ur  Dn.sff  tows  wy  day  Docfitawr  1001 

Free  c  m.  newsletters 

Ssy  4>  hr  any  of  mure  n*  40  '*wxim  m  ney  network  •  *- 

BwrfMMr  1902 


We‘v«  m*d c  it  easy  to  uc«M  article*  end  resource* 
onNne.  Senpiy  enter  Um  tour-dfllt  OacfWMter  (tumfi*.  m 
the  teerch  boe  on  the  home  (M«e.  end  ycjw'M  lump  «U-  .t»> 

to  the  requested  intornutiun. 


8  •  www.networkworld.com  •  2.13.06 


Oracle  to  cut  2,000  jobs 

■  The  integration  of  Siebel  Systems  into  Oracle  will  result  in  the  work¬ 
force  of  the  combined  companies  being  reduced  by  2,000  positions, 
Oracle  said  last  week.The  majority  of  those  laid  off  will  be  Oracle 
employees.  When  the  integration  is  complete,  Oracle  s  workforce  will 
number  about  55,000.  Oracle  CEO  Larry  Ellison  and  other  executives 
spoke  on  a  Webcast  last  week  to  discuss  the  impact  of  the  approximate- 


Bush  backs  more  tech  spend¬ 
ing.  President  George  W.  Bush  has  asked 
Congress  to  approve  a  funding  increase  for  the 
Department  of  Energy's  Office  of  Science  and  the 
National  Science  Foundation  in  his  fiscal-year  2007 
budget,  an  administration  official  says.  Some  tech  and 
school  groups  want  more  though,  criticizing  Bush  for 
attempting  to  end  the  Department  of  Education's  $500  million 
Enhancing  Education  Through  Technology  program. 


NOAH  Z.  JONES 


ly  $5.85  billion  deal.  On  the  technology  front,  Siebel  software  will  form  the  basis 
of  Oracles  CRM  product  following  the  two  companies’  integration,  Oracle  said. 
Siebels  business  analytics  technology  also  will  play  a  key  role  in  Oracles  product 
line,  being  sold  as  an  attachment  to  Oracle  products  and  to  software  that  came  from 


Apps  vendors  get  slapped.  Big-name  companies 
such  as  AOL  and  Adobe  could  do  a  better  job  of  writing  secure  soft¬ 
ware,  according  to  a  recent  report  by  two  Princeton  University 
researchers.  The  researchers  looked  at  a  number  of  popular  applica¬ 
tions,  including  AOL  Instant  Messenger  and  Photoshop,  and  determined 
that  many  companies  made  changes  to  operating  systems  that  could 
let  attackers  bypass  some  Windows  security  mechanisms. 


recent  acquisitions  of  ReopleSoft  and  J.D.  Edwards,  Ellison  said. 


IBM  snaps  up  Viacore 

■  IBM  last  week  announced  its  acquisition  of  Viacore 
for  an  undisclosed  amount.Viacore  provides  software 
and  services  for  linking  supply-chain  partners  that 
want  to  swap  information  about  product  capacity 
inventory  delivery  and  forecasting.  Big  Blue  plans  to 
use  Viacore’s  process  integration  technology  to 
strengthen  its  business  transformation  outsourcing 
service,  specifically  in  the  area  of  supply-chain  opti¬ 
mization  and  management.  It’s  a  market  worth  an 
estimated  $23.5  billion,  according  to  IBM.  Last  year 
IBM  announced  its  supply-chain  BTO  service,  which 
combines  consulting,  technology  and  services  to 
help  companies  streamline  and  gain  greater  visibility 
into  their  supply-chain  processes,  including  procure¬ 
ment,  logistics  and  planning.  In  acquiring  Viacore, 
IBM  gains  tools  for  building  business-to-business  part¬ 
ner  networks.  Viacore’s  BusinessTone  service  is 
designed  to  help  set  up  and  maintain  links  between 
a  company’s  business-integration  infrastructure  and 
the  platforms  used  by  its  trading  partners. 

FTC  plans  hearings  on  ’Net  risks 

■  The  Internet  industry  needs  to  create  “self-regulato¬ 
ry  regimes”  and  come  up  with  new  technologies  to 


COMPENDIUM 

Rich,  mousy  goodness 

A  couple  of  gamer  geeks  have  developed  an 
air-cooled  mouse  pad:  “After  a  few  hours  of 
gaming  with  our  normal  high-end  mouse 
pads  you  get  a  buildup  of  sweat.The  mouse 
and  mouse  pad  become  slippery,  and  you 
start  to  lose  your  competitive  advantage  due 
to  the  loss  of  precision.”  Find  out  more  at 
www.nww.com,  DocFinder:  2133. 

-  jQHcni 


{quote  o 

quote  o 

quote  o 


;tb 

th 

t 


e  wee 

e  wee 

ie  wee 


“Aggressive  government  action 
to  accelerate  the  deployment  of 
IPv6  by  the  private  sector  is  not 
warranted  at  this  time.” 

Report  from  the  Commerce  Department’s  IPv6  Task  Force. 

See  the  report  at  www.nww.com,  DocFinder:  2141  and  see  our 
story  on  page  10. 


battle  online  dangers  such  as  spyware,  Deborah  Platt 
Majoras,  chairwoman  of  the  Federal  Trade 
Commission,  said  last  week.  Majoras  also  called  for 
“appropriate”  law  enforcement  actions  and  better 
consumer  education  efforts  to  deal  with  online  risks. 
Speaking  at  an  Anti-Spyware  Coalition  event, she  said 
the  FTC  will  host  hearings  later  this  year  to  help 
Internet  users  combat  online  dangers. The  FTC  held 
similar  hearings  in  1995,  but  “no  one  even  mentioned 
spyware  or  similar  intrusive  software,”  Majoras  said. 
“Today  however,  spyware  is  fast  overtaking  spam  as 
consumers’  top  online  concern.”The  FTC  will  contin¬ 
ue  to  file  lawsuits  against  spyware  distributors, 
Majoras  said.“A  consumer’s  computer  belongs  to  him 
or  her,  not  to  the  software  distributor’’ she  said.“Buried 
disclosures  do  not  work,  just  as  they  have  never 
worked  in  more  traditional  areas  of  commerce.” 

Google  leads  U.S.  search  growth 

■  People  in  the  United  States  use  the  Internet  for 
everyday  research  more  than  any  other  medium,  a 
fact  demonstrated  by  the  55%  year-over-year  surge  in 
online  searches  recorded  in  December,  according  to 
market  researcher  Nielsen/NetRatings.The  number  of 
online  searches  in  the  United  States  soared  to  nearly 


One  more  reason  for  universal  broad¬ 
band.  The  Arizona  State  University's  State  Press  reports  that  a 
male  student  was  recently  arrested  at  the  school's  Hayden  Library  and 
charged  with  indecent  exposure  and  public  sexual  indecency.  After  get¬ 
ting  nabbed  for  allegedly  pleasuring  himself  while  watching  pom  on  his 
laptop,  the  student  is  said  to  have  explained  why  he  did  this  in  the 
library:  “To  be  honest,  the  Internet  connection  at  my  dorm  isn't  good 
enough." 


5.1  billion  in  December  from  3.3  billion  a  year  earli¬ 
er,  despite  just  a  slight  uptick  in  the  total  number  of 
Americans  connecting  to  the  Internet,  according  to 
Nielsen/NetRatings.The  number  of  Internet  users  in 
the  United  States  rose  merely  3%  year-on-year  in 
December,  to  207  million  people.  Google  remained 
the  most  popular  place  for  Americans  to  search. 
Google  not  only  ranked  first  out  of  approximately  60 
search  engines  but  also  widened  the  gap  between 
itself  and  No.  2  Yahoo  by  grabbing  48.8%  of  all  search 
traffic  in  December,  or  nearly  2.5  billion  searches,  up 
from  43.1%  a  year  earlier. 

Microsoft  bolsters  IP  protection 

■  Moving  to  quell  apprehension  about  patents, 
Microsoft  will  strengthen  intellectual  property  pro¬ 
tection  for  manufacturers  and  distributors  using  its 
software.  Microsoft  has  removed  a  cap  on  some 
legal  costs  for  companies  that  use  or  alter  source 
code  in  the  Windows  Embedded  and  Windows 
Mobile  software  platforms.  Costs  covered  by  the 
move  would  include  patent,  copyright,  trademark 
and  trade  secret  claims.  Microsoft  says  about  4,000 
companies  use  embedded  or  mobile  software.  The 
company  did  not  reveal  the  previous  limit.“We  want 
our  partners  to  have  confidence  they  are  not  unnec¬ 
essarily  exposing  themselves  to  [intellectual  proper¬ 
ty]  problems,”  says  Hardy  Poppinga,  Microsoft 
spokesman.  “We’re  only  making  money  if  our  part¬ 
ners  are  making  money”  Microsoft  introduced  the 
intellectual  property  program  in  2003,  and  it  was 
expanded  in  2004  to  cover  low-volume  customers 
and  partners,  Poppinga  says. 


VBH  OHwireless 


We  never  stop  working  for  you.' 


One  productive  device. 

One  standard  operating  system. 
One  less  thing  to  worry  about. 


li  |«4H 


Exclusively  from 
Verizon  Wireless 


f-wjrS  hrthday 

forvi.au  few)  Nkorra 

«0Qwfioaau4 

4b  (hrtlook  (  nul  1 4  Utwmm} 


VJf|  ’?  n  ^  i  1 


Treo  7oow 


Introducing  the  first  Treo  smartphone  to 
run  on  Microsoft  Windows  Mobile.0 

Ont,  wanton  Kat  the  Trto”  TOO*  smartpron*  (hr  hast  Tiro  to  run  mobtht  **ruons  of  Microsoft  Outlook  and  Oftica 

adorn  l|  uung  (hr  same  super  ica  s ok««t  ptattcam  you  m<  10  (hr  office.  >(  aNows  tea  a  umpire  smoother  add  met* 
efficient  standaidced  eoeyaoon  tea  you  and  your  employee*  it  s  aho  the  hut  Tiro  powered  by  broadband  speed 
on  the  nations  taryrtl  hgn  speed  ameiess  broadband  net  «cat  Vtmoa  Wireless.  tr»  Ida  hetwork/* 


■  rawvj 

a  X . 


Get  a  Treo  700w  smartphone  for  $399.99  after  $100  instant  rebate. 

M*  vaM  «e»  mm  mm  pie.  m  SJ»  M  •«■**  auau  m  dyke  *■*  .  eau  Mai  at  S*4  *»  aaaauy  aaaare  ar  aay  aee  fc«a  me  lata  (ken.  Mb  *  yraa  ttarday  at  STS  rt  mrnmtmy  turn*  man  year  Cmcmm  iywaM 


’wireles&'COm 


#>•  *  m-C  art 


10  •  www.networkworld.com  • 


2.13.06 


Feds:  Go-slow  approach  on  IPv6 

Task  force  sees  little  short-term  benefit  toward  IPv6  deployment;  net  security  a  concern. 


BY  CAROLYN  DUFFY  MARSAN 

IPv6  advocates  looking  for  the 
U.S.  federal  government  to  make  a 
major  financial  commitment  to 
the  next  generation  of  the  Inter¬ 
net’s  main  communications  pro¬ 
tocol  will  be  disappointed  with 
the  findings  of  a  new  report  from 
the  Commerce  Department. 

“Aggressive  government  action 
to  accelerate  the  deployment  of 
IPv6  by  the  private  sector  is  not 
warranted  at  this  time,”  states  a  re¬ 
port  from  the  Commerce  Depart¬ 
ment’s  IPv6  Task  Force,  which  con¬ 
sists  of  officials  from  the  National 
Telecommunications  and  Infor¬ 
mation  Administration  and  the 
National  Institute  of  Standards 
and  Technology  (NIST). 

“Although  IPv6  has  the  potential 
to  produce  significant  benefits  for 
U.S.  businesses  and  consumers 
over  time,  the  near-term  benefits 
are  less  clear,”  the  report  states.“In 
the  initial  years  of  IPv6  deploy¬ 
ment,  network  security  will  likely 
be  no  greater  under  the  protocol 
than  is  currently  available  in  IPv4 
networks.  Additional  evidence 
suggests  that  premature  adoption 
of  IPv6  . . .  could  result  in  unnec¬ 
essary  costs  and  reduced  infor¬ 
mation  technology  security 
Despite  this  assessment,  the 
report  hints  at  additional  federal 
funding  for  IPv6-related  research 
and  development. 

“The  federal  government  will 
need  to  consider  allocation  of 
new  resources  and  to  work  coop¬ 
eratively  with  non-federal  authori¬ 
ties  and  the  private  sector  to 
address  outstanding  IPv6  research 
and  development  issues,  and  to 
expedite  the  development  of  suit¬ 
able  deployment,  coexistence  and 
transition  plans,”  the  report  says. 

Developed  by  the  IETF  IPv6 
promises  easier  administration, 
tighter  security  and  an  enhanced 
addressing  scheme  when  com¬ 
pared  with  IPv4,  the  Internet’s  cur¬ 
rent  protocol.  IPv6,  which  uses  a 
128-bit  addressing  scheme,  sup¬ 
ports  a  virtually  limitless  number 
of  uniquely  identified  systems  on 
'he  Internet,  while  IPv4  uses  a  32- 
bit  addressing  scheme  and  sup- 
oils  only  a  few  billion  systems. 
The  Commerce  Department’s 
: !  6  Task  Force  was  created  in  re- 
■  >nse  to  a  2003  White  House  re- 
rt  on  cyberspace  security.  The 


task  force  was  charged  with  con¬ 
ducting  a  cost/benefit  analysis  on 
whether  the  transition  to  IPv6 
should  be  accelerated  to  provide 
enhanced  cyberspace  security 

The  task  force’s  report,  entitled 
“Technical  and  Economic  As¬ 
sessment  of  Internet  Protocol 
Version  6,”  outlines  the  benefits 
of  IPv6,  including  more  address 
space,  end-to-end  security  and 
easier  network  administration. 
Nonetheless,  the  report  recom¬ 
mends  a  go-slow  approach  to 
federal  agencies  and  enterprises 
looking  to  migrate  to  IPv6. 

The  Commerce  Department’s 
cautious  approach  to  IPv6  seems 
at  odds  with  a  mandate  by  the 
Office  of  Management  and 
Budget  (OMB)  that  all  federal 
agencies  must  run  IPv6  on  their 


network  backbones  by  June  2008. 
The  OMB  mandate,  issued  last 
August,  follows  a  similar  require¬ 
ment  that  the  Defense  Depart¬ 
ment  issued  in  2003  to  have  all 
military  networks  transitioned  to 
IPv6  by  fiscal  year  2008. 

“Despite  this  report  from  the 
Commerce  Department,  the  OMB 
is  providing  leadership  to  assist 
agencies  to  adhere  to  the  man¬ 
date  to  move  to  IPv6,”  says  Jim 
Bound,  chair  of  the  North  Ameri¬ 
can  IPv6  Task  Force  and  a  senior 
fellow  with  HP  “OMB  in  the  last 
seven  months  has  done  more 
than  anyone  else  to  proliferate 
IPv6  in  the  government  and  help 
with  the  mandate.” 

Bound  disagrees  with  the 
Commerce  Department’s  recom¬ 
mendation  against  aggressive 
government  action  regarding 
IPv6  deployment. 


“The  North  American  IPv6  Task 
Force  does  not  agree  that  IPv6  is 
not  warranted  as  a  significant  in¬ 
vestment  for  the  U.S.  government,” 
Bound  says.  “It  absolutely  is  re¬ 
quired  for  the  Defense  Depart¬ 
ment  and  for  the  Department  of 
Homeland  Security  It’s  also  re¬ 
quired  for  any  future  hope  of  get¬ 
ting  to  next-generation  networks 
and  getting  to  benefits  like  mobil¬ 
ity  and  widespread  use  of  per¬ 
sonal  devices.” 

The  Commerce  Department  re¬ 
port  has  many  positive  things  to 
say  about  IPv6.  It  suggests  the  in¬ 
evitability  of  IPv6  being  deployed 
in  most  network  hardware,  operat¬ 
ing  systems  and  software  within 
the  next  five  years. 

The  report  says  that  corpora¬ 
tions  and  government  agencies 


will  likely  purchase  IPv6-enabled 
gear  during  standard  technology- 
refresh  cycles  and  move  to  the 
technology  gradually  rather  than 
all  at  once.  The  report  identifies 
many  of  the  obstacles  to  IPv6  de¬ 
ployment,  including  the  huge  in¬ 
stalled  base  of  IPv4  systems  and 
the  labor-intensive  process  of 
upgrading  to  IPv6. 

“Large  and  midsized  user  orga¬ 
nizations,  such  as  corporations 
and  government  agencies,  will 
likely  incur  greater  costs,”  the  re¬ 
port  says.’The  magnitude  of  those 
costs  will  depend  on  each  user’s 
existing  network  infrastructure 
and  operational  policies,  the  ex¬ 
tent  to  which  their  customer 
applications  must  be  modified  to 
adopt  IPv6  and  whether  the  user 
intends  to  connect  to  other  orga¬ 
nizations  using  IPv6." 

The  report  includes  a  hypotheti¬ 


cal  case  study  designed  to  esti¬ 
mate  the  cost  associated  with  an 
enterprise  adopting  IPv6.  The  re¬ 
port  estimates  it  will  cost  a  com¬ 
pany  nearly  $1.8  million  to  transi¬ 
tion  to  !Pv6.This  estimate  is  based 
on  the  company  having  eight 
core  routers,  150  switches  and 
four  firewalls  (see  graphic). 

Bound  says  the  $1.8  million  fig¬ 
ure  is  way  too  high. 

“It  will  cost  around  $300,000  for 
an  enterprise  to  start  using  IPv6,” 
he  says.“We’re  not  talking  about  a 
lot  of  money  here  because  enter¬ 
prises  will  get  IPv6  as  part  of  their 
regular  tech  refresh.  Tech  refresh 
costs  should  not  be  included  in 
the  cost  of  IPv6.” 

The  Commerce  Department  re¬ 
port  is  accompanied  by  an  analy¬ 
sis  from  RTI  International  that 
states  the  overall  cost  of  convert¬ 
ing  the  Internet  to  IPv6  will  be 
$25  billion  over  25  years.  IPv6 
advocates  also  questioned  the 
$25  billion  figure. 

“The  North  American  IPv6  Task 
Force  believes  that  cost  is  too 
high,”  Bound  says.  “If  a  customer 
puts  in  a  new  MPLS  network  and 
runs  IPv6  over  it,  is  that  network 
an  IPv6  cost  or  the  cost  of  tech¬ 
nology  evolution?  We  cannot  for 
the  life  of  us  figure  out  how  a 
technology  trend  is  going  to  cost 
$1  billion  a  year. That  just  doesn’t 
make  sense.” 

The  Commerce  Department  re¬ 
port  concedes  that  most  Internet 
experts  predict  IPv6-based  net¬ 
works  will  be  technically  superior 
to  today’s  IPv4  networks,  with 
tighter  security  and  support  for 
new  services  that  take  advantage 
of  the  additional  address  space 
that  IPv6  offers.  However,  the 
report  emphasizes  the  security 
risks  of  deploying  mixed  IPv4  and 
IPv6  environments  during  the 
transition  to  IPv6. 

“Experts  generally  agree  that 
implementing  any  new  proto¬ 
col,  such  as  IPv6,  will  entail  an 
initial  period  of  increased  secu¬ 
rity  vulnerability  the  report  says. 
“Additional  resources  will  be 
necessary  to  deal  with  new 
threats  posed  by  a  dual  standard 
environment.” 

The  report  recommends  that  all 
organizations  be  prepared  for 
IPv6  to  appear  on  their  networks, 
and  to  create  security  plans  and 


policies  for  dealing  with  IPv6  traf¬ 
fic  during  the  years-long  migra¬ 
tion  process. 

For  the  first  three  to  five  years  of 
IPv6  deployment,  the  user  com¬ 
munity  “will  likely  see  no  better 
security  than  what  can  be  real¬ 
ized  in  IPv4-only  networks  today 
the  report  says.  “More  security 
holes  will  probably  be  found  in 
IPv6  and  its  transition  mecha¬ 
nisms  than  in  IPv4.  In  the  longer 
term,  security  may  improve  as  a 
result  of  increased  use  of  end-to- 
end  security  mechanisms.” 

The  Commerce  Department’s 
conservative  recommendations 
regarding  IPv6  don’t  come  as  a 
surprise  to  Stan  Barber,  vice  presi¬ 
dent  of  engineering  operations  at 
NTT  America,  which  was  the  first 
ISP  to  offer  IPv6  services  in  the 
United  States. 

“I  didn’t  expect  them  to  come 
out  and  say  that  IPv6  was  mother¬ 
hood  and  apple  pie,”  Barber  says. 
“This  report  is  not  from  research 
they  did  using  the  protocol.  It 
comes  from  interviews  of  experts 
that  they  conducted  or  had  RTI  In¬ 
ternational  conduct  on  their  be¬ 
half.  In  their  reports,  NIST  doesn’t 
like  to  say  that  a  technology  will 
definitively  do  this  or  that  unless 
they  have  empirical  evidence.” 

Barber  says  he’s  glad  the  report 
is  not  more  negative  about  the 
risks  and  costs  associated  with 
moving  to  IPv6.  “This  report  is  not 
going  to  cause  anybody  to  accel¬ 
erate  their  plans  to  move  to  IPv6 ... 
but  I  don’t  think  it  will  stop  any¬ 
body  from  moving  forward,”  he 
says.“We  didn’t  want  this  report  to 
come  out  and  retard”  the  migra¬ 
tion  to  IPv6. 

IPv6  advocates  agree  with  the 
Commerce  Department’s  empha¬ 
sis  on  proper  planning,  testing 
and  security  analysis  before  con¬ 
ducting  an  IPv6  migration. 

“No  one  should  put  IPv6  on  a 
network  without  testing.  No  one 
should  put  IPv6  on  a  network 
without  additional  security 
Bound  says.  “But  all  U.S.  industry 
—  whether  you’re  Wal-Mart  or 
General  Motors  —  should  be 
moving  to  IPv6."B 

HIGH-SPEED  LANS 

Subscribe  to  our  free  newsletter. 

DocFinder:10Q5  www.Mtworkwtrld.cM 


What  to  expect  from  an  IPv6  tab 

Here  are  existing  infrastructure  components  anc 
expenses  for  a  hypothetical  company: 

Network  component  I  No.  of  units  1  Avg.  cost/unit 

1  annual  labor 

Total  cost 

Router 

8 

815,000 

8120,000 

Distribution  switches 

150 

810,000 

SI, 500.000 

Firewall 

4 

81,500 

86.000 

Network  specialist 

3 

$55,000 

8165, 000/year 

Training 

3 

82,500 

87, 500/year 

Total 

SI, 798, 500 

SOURCE:  RTI 

2  0.06  •  **»  ■<•■ ■»■!>»  • 


Verizon  extends  business  VoIP  services 


VoIP  versions 

IP  telephony  services  orrentty  offered  by  Verizon 

C* 

Key  sysiBTB 
Key  syVRre.  PW 
f  PW  (teco  421) 

SV  phones 


f  ftotr  11 
P  Neg^sd  Access 
PhrtuiR 
Hosted  P  Cwtro 


24 
5  to  325 
More  than  200 
5  to  325 


•V  JIM  DUFFY 

Vrnzi  n  last  wr«c*k  unwited  an 
•rtrt»t»c*n  in  its  timer  less  M4P  wr 
vkw  dettgried  In  lower  the  twurv 
«r  to  entry  lor  nn»  adopters 

Thr  c  »m<i  s  W  Flexible  T-1  spy 
vice  n  intended  to  make  thr 
move  tn  IP  Mrythorry  mure  cod 
c-brcfrv»-  It*  iPirvlf  offices  Its  an 
outgrowth  i4  IP 

lritrgr?ilr<1  Acre*  sr-rv*-e,  one  <4 
several  \A4P  offerings  intx-nterl 
from  thr  acquisition  ot  Mil  (*»e 
graphic  )  Thr  nwr  k*t.\  sites 
with  Irwri  than  24  phnnr  lines 
maintain  their  existing  analog  key 
systems  and  <  ailing  features  while* 
Upgmdtng  to  a  converged  erm 
moment  that  camn  w*»  and 
data  imi  a  single  connection 

It  will  help  companies  Rain 
increased  data  thmugh|Mit  utiliz 
ing  voice  compression  and 
enhanced  netwesfc  jierlonnaiKr 
made  jxisulik-  Ivy  dynamK  hand 
width  allocation  V*-n»m  says. 


“M's  dotnR  that  stepped 
approach  in  which  you  may  not 
want  a  full-bimvn  hosted  solution 
but  you  cettainh  want  to  take 
advantage  <4  some  of  thr  thing* 
that  IP  bongs  to  the  table.*  savs  Will 
Slofega.  an  analyst  at  IDC  *F¥cpte 
cant  all  at  a  sudden  do  a  flash  cut 
oser  to  something  totally  new* 
Stotega  savs  IP  Flexible  T1  wtll 
go  up  against  Qwest's  Oneflrx 
W4P  service.  the  base  offering  of 
XOs  Xffphons  Flex,  and  Ccwad’s 
vPBX  and  PBXi  business  Vr4P  ser 
wees,  among  others 
In  addition  to  thr  T I  U4P  ser¬ 
vice.  Venzon  has  added  more 
(  hones  in  customer  equipment, 
dedicated  tofMreevweHP  features 
and  managed  baud  protection  to 
its  U4P  often  ngs 
Thr  company  also  has  added  a 
suite  of  Rilycom  IP  phones  tor  its 
Hosted  IP  Centtex  customers  The 
new  R4ycom  (tames  can  lie  pur 
chased  or  leased 


The  dedicated  toll-free  servicr 
lets  customers  use  a  single  con¬ 
nection  tor  their  incoming  folk 
free  calls  and  their  outbound  U4P 
traffic  For  a  foil-free  call  begin¬ 
ning  in  a  TDM  environment. 
Vervain  will  translate  the  traffic  to 
VWP  muting  the  voice  call  over  an 
IP  network  to  terminate  oser  a 
customer's  IP  connection 
This  lets  companies  consolidate 
mote  traffic  over  shared  integrat¬ 
ed  IP  trunks  vs  reserving  large 


dedicated  public  switched  tele* 
phone  network  circuits  for  incom¬ 
ing  toll-free  services.  Wnzon  viys 
The  baud-protection  service  fc»r 
managed  IP  telephony  customers 
r  designed  to  protect  businesses 
from  illegitimate  use  of  their  IP 
PBX  phone  systems  It  includes  a 
proactive  monitoring  capability 
that  detects  and  notifies  cus* 
turners  of  suspect  or  fraudulent 
calling,  to  stem  potential  business 
losses  associated  with  misuse  of 


an  enterprise  network 
The  fraud-protection  service 
can  be  administered  by  Wrixnnor 
customized  to  recognize  and 
report  irregular  activities  aiwockti- 
ed  with  a  customer  s  business 
IP  Flexible  Tl  costs  $625  per 
month  for  dedicated  Internet 
access  A  simultaneous  call  fra- 
fun’  can  be  added  k>r  an  addi¬ 
tional  S»iS  per  month  Prices 
include  customer  premise's  equip¬ 
ment,  unlimited  local  and  domes- 
tic  longdistance  fo  150  metrupol- 
itan  areas,  and  a  subnrt  of  iwr 
and  enterprise- wide  features 
IP  Integrated  Access  costs  $675 
per  month  lor  dedicated  Internet 
access,  with  simultaneous  call 
capabilities  priced  at  an  addition¬ 
al  $;I5  per  month  This  pricing 
includes  unlimited  local  and 
domestic  longdistance  to  150 
metropolitan  areas,  and  a  full  set 
of  user  and  enterprise  wide  fea¬ 
tures  ■ 


Depend  on  B  Li's 
Color  Printer  Line  Of  The  Year. 


tktm 


Cl' 


Buyer's  Laboratory  Inc.  perform*}  thr«r  mo<  f 
rigorous  testing  of  the  leading  color  printer!  ticor'i 
color  pr  nter  line  proved  to  be  the  br«  of  thr  ertr 

Let  Bicoh  dependaci  t/  move  /our  idea;  ter  < 


RICOH 


12  •  www.netwopkworld.com  •  2.13.06 


HETWORKOTRLD 


HP  readying  storage  upgrades 


BY  DENI  CONNOR 

HP  next  week  is  expected  to 
announce  enhancements  to  its 
high-end  and  midrange  storage 
arrays  and  software  designed  to 
help  customers  more  easily  man¬ 
age  heterogeneous  storage  sys¬ 
tems. 

Among  the  announcements 
expected  are: 

•  StorageWorks  XP  Disk  Arrays 
will  be  enhanced  to  allow  the 
attachment  of  HP  Enterprise 
Virtual  Array  (EVA)  4000,6000  and 
8000  midrange  systems  and  will 
ship  with  double  the  cache  mem¬ 
ory  to  increase  performance. 

•  Midrange  EVA  arrays  will  now 
include  iSCSI  connectivity  via  an 
add-on,  server-based  appliance, 
4GB  of  Fibre  Channel  host-side 
connectivity  and  the  use  of  400GB 
and  500GB  low-cost  Fibre  ATA 
(FATA)  drives. 

•  Storage  Essentials  software 


Top  revenue 

HP  has  the  No.  1  position  in 
worldwide,  total  disk  storage 
systems  factory  revenue,  with 
a  23.5%  market  share  and  rev¬ 
enue  of  $1.3  billion, 

according  to  market  research 
firm  IDC. 


now  will  be  able  to  manage  Tru64 
and  OpenVMS  hosts,  HP  and  Sun 
network-attached  storage,  the  HP- 
UX  implementation  of  Veritas 
Volume  Manager  and  IBM  DS 
6000  and  8000  provisioning. 

•  The  Enterprise  File  Services 
WAN  Accelerator  is  being 
enhanced  with  encrypted  com¬ 
munications  between  accelerator 
appliances,  protocol  acceleration 
for  Microsoft  SQL  Server,  high¬ 
speed  TCP  optimization  for  high- 


bandwidth,  high-latency  networks 
and  a  proxy  file  service  for  dis¬ 
connected  access  to  specific  files. 

In  a  PowerPoint  presentation 
obtained  by  Network  World ,  HP 
outlines  these  enhancements  as 
benefiting  the  consolidation  of 
multivendor,  remote  and  branch 
office,  and  online  and  backup 
devices.  Several  sources  con¬ 
firmed  HP’s  storage  consolida¬ 
tion  plans.  HP  declined  to  com¬ 
ment. 

HP’s  integration  of  its  XP  and 
EVA  arrays  is  important  in  that  it 
lets  customers  keep  using  their 
older  systems  and  simplifies 
migration  of  data  between  plat¬ 
forms.  HP’s  XP  arrays  already  sup¬ 
port  EMC,  HDS,  IBM  and  Sun 
arrays  as  external  storage. 

The  incorporation  of  400GB  and 
500GB  FATA  drives  into  the  EVA 
systems  has  been  expected,  par¬ 
ticularly  in  light  of  Seagate’s  hav¬ 


ing  started  to  ship  its  drives  last 
month.  EMC  announced  last 
month  that  its  new  DMX-3  also 
would  use  the  low-cost  Seagate 
ATA  drives. 

Further,  HP  is  expected  to 
announce  that  it  is  expanding  the 
capacity  of  the  HP  StorageWorks 
Virtual  Library  System  to  70TB 
and  incorporating  One  Button 
Disaster  Recovery  for  ProLiant 
servers  into  its  StorageWorks  Data 
Protector  Express  server  backup 
software. 

In  related  news,  HP  last  week 
acquired  OuterBay  a  vendor  of 
database  archiving  software.  The 
OuterBay  products  will  be  inte¬ 
grated  into  the  HP  StorageWorks 
division.® 

STORAGE 

Subscribe  to  our  free  newsletter. 

DocFinder:1019  www.networkworld.com 


EDITORIAL  DIRECTOR:  JOHN  GALLANT 
EDITOR  IN  CHIEF:  JOHN  D1X 

■  NEWS 

EXECUTIVE  EDITOR,  NEWS:  BOB  BROWN 
NEWS  EDITOR:  MICHAEL  COONEY 
NEWS  EDITOR:  PAUL  MCNAMARA 

■  NET  INFRASTRUCTURE 

SENIOR  EDITOR:  JOHN  COX  (978)  834-0554 

SENIOR  EDITOR:  TIM  GREENE 

SENIOR  EDITOR:  PHIL  HOCHMUTH 

SENIOR  EDITOR:  ELLEN  MESSMER  (941)  792-1061 

■  ENTERPRISE  C0HPUTIN6 _ 

SENIOR  EDITOR:  JOHN  FONTANA  (303)  377-9057 
SENIOR  EDITOR:  DENI  CONNOR  (512)  345-3850 
SENIOR  EDITOR:  JENNIFER  MEARS  (520)  818-2928 

■  APPLICATION  SERVICES 

SENIOR  EDITOR:  CAROLYN  DUFFY  MARSAN. 

(317)  5664)845 

SENIOR  EDITOR:  ANN  BEDNARZ  (612)  9264)470 

SENIOR  EDITOR:  DENISE  DUBIE 

SENIOR  EDITOR:  CARA  GARRETSON  (240)  2464)098 

■  SERVICE  4HMIB 

SENIOR  EDITOR:  DENISE  PAPPALARDO, 

(703)  768-7573 

MANAGING  EDITOR:  JIM  DUFFY  (716)  6554)103 

■  NET.WOBKEH 

MANAGING  EDITOR:  JOHN  DIX 

■  COPY  DESK/lAYOUT 

MANAGING  EDITOR:  RYAN  FRANCIS 
SENIOR  COPY  EDITOR:  JOHN  DOOLEY 
COPY  EDITOR:  TAMMY  O’KEEFE 
COPY  EDITOR:  BOB  SPRAGUE 
COPY  EDITOR:  CAROL  ZARROW 

■  ART 

DESIGN  DIRECTOR:  TOM  NORTON 
ART  DIRECTOR:  BRIAN  GAIDRY 
SENIOR  DESIGNER:  STEPHEN  SAUER 
ASSOCIATE  DESIGNER:  ERIC  ANDERSON 

■  FEATURES 

FEATURES  EDITOR:  NEAL  WEINBERG 

SENIOR  MANAGING  EDITOR,  FEATURES:  AMY  SCHURR 

OPINIONS  PAGE  EDITOR:  SUSAN  COLONS 

■  CLEAR  CHOICE  TESTS 

EXECUTIVE  EDITOR,  TESTING:  CHRISTINE  BURNS, 

(717)  243-3686 

SENIOR  EDITOR,  PRODUCT  TESTING:  KEITH  SHAW. 

(508)  490-6527 

LAB  ALLIANCE  PARTNERS:  JOEL  SNYDER.  Opus  One; 
JOHN  BASS,  Centennial  Networking  Labs;  BARRY 
NANCE,  independent  consultant;  THOMAS 
POWELL,  PINT;  Miercom;  THOMAS  HENDERSON, 
ExtremeLabs;  TRAVIS  BERKLEY,  University  of 
Kansas;  DAVID  NEWMAN,  Network  Test; 

CHRISTINE  PEREY  Perey  Research  &  Consulting; 
JEFFREY  FRITZ,  University  of  California,  San 
Francisco;  JAMES  GASKIN,  Gaskin  Computing 
Services,  MANDY  ANDRESS,  ArcSec;  RODNEY 
THAYER,  Canola  &  Jones 

CONTRIBUTING  EDITORS:  DANIEL  BR1ERE,  MARK  GIBBS, 
JAMES  KOBIELUS.  MARK  MILLER 

^WiTWORKWORlD.COM 

EXECUTIVE  EDITOR,  ONLINE:  ADAM  GAFFIN 
MANAGING  EDITOR:  MEUSSA  SHAW 
SITE  EDITOR:  JEFF  CARUSO.  (631)  584-5829 
ASSOCIATE  ONLINE  NEWS  EDITOR:  UNDA  LEUNG. 

(510)  768-2808 

MULTIMEDIA  EDITOR:  JASON  MESERVE 
SENIOR  ONLINE  COPY  CHIEF:  SHERYL  HODGE 
SENIOR  ONLINE  ORAPHIC  DESIGNER:  ZACH  SULUVAN 

■  SIGNATURE  SERIES 

EDITOR:  BETH  SCHULTZ,  (773)  2834)213 
EXECUTIVE  EDITOR:  JUUE  BORT  (970)  482-6454 
COPY  EDITOR:  TAMMY  O’KEEFE 

EDITORIAL  OPERATIONS  MANAGER:  CHERYL  CRIVELLO 
OFFICE  MANAGER,  EDITORIAL  GLENNA  FASOLD 
EDITORIAL  OFFICE  ADMINISTRATOR:  PAT  JOSEFEK 
MAIN  PHONE:  (508)  460-3333 
E-MAIL  first  namejast  name@nww.com 


HP  to  bolster  ProCurve  switch  family 

New  switch  products  add  high-speed  Ethernet  ports  and  Power  over  Ethernet  support. 


BY  PHIL  HOCHMUTH 

HP  ProCurve  is  expected  to  launch  several 
new  wiring  closet,  LAN  aggregation  and  core 
switch  products  this  week  targeted  at  organi¬ 
zations  requiring  combinations  of  Gigabit, 
Power  over  Ethernet,  and  switch-based  traffic 
management  and  security  features. 

The  ProCurve  Switch  5400  switch  chassis 
and  Switch  3500  stackable  switch  include 
triple-speed  Ethernet  ports  and  PoE,  as  well  as 
new  network  processors  that  let  the  devices 
operate  faster  when  running  services  such  as 
QoS,  network  access  control  or  other  policy- 
enforcing  actions. 

The  4200  switch  chassis,  a  basic  Layer  2  LAN 
edge  switch,  also  is  being  introduced  for 
deploying  lots  of  wiring  closet  ports  with  basic 
connectivity  at  a  low  price,  with  $90  Gigabit 
ports  and  $50  10/ 100Mbps  ports. 

For  aggregation  and  core  switching,  HP  Pro- 
Curve  is  launching  the  6200  switch,  a  Layer  3 
box  with  24  interchangeable  ports  for  cop¬ 
per,  fiber  or  a  mix  of  wiring  types.  A  four-port 
10G  Ethernet  module  can  be  added  to  the 
device. 

The  5400  and  3500  switches  support 
lO/lOO/lOOOMbps,  or  triple-speed  connectivi¬ 
ty,  on  each  port,  as  well  as  basic  Layer  3 
switching  features.  A  software  upgrade  to  the 
witches  lets  them  fully  route  traffic  with  pro- 
’  >cols  such  as  Open  Shortest  Path  First, 
routing  Information  Protocol  and  Virtual 
'  uter  Redundancy  Protocol  for  traffic 
iundancy. 

he  switches  also  include  new  ASIC  chips, 


dubbed  Provision  ASICs,  that  combine  several 
features,  previously  supported  in  software  on 
ProCurve  software,  into  a  hardware  processor. 
Among  these  features  is  HP’s  Virus  Throttling 
technology  which  lets  switches  identify  net¬ 
work  packet  flow  patterns  associated  with 
virus  traffic  and  reduce  that  bandwidth  to  pre¬ 
vent  flooding  the  network  with  potentially 
harmful  traffic. 

Also  built  into  the  Provision  chips  is  the  abil¬ 
ity  to  apply  individual  security  controls  (such 
as  access  control  lists  or  QoS  settings)  to  as 
many  as  32  individual  machines  connecting 
to  the  network  from  a  single  LAN  port.  (This 
could  involve  multiple  wireless  LAN  clients 
accessing  a  wired  LAN  through  an  access 
point  attached  to  a  port.) 

The  switches  also  support  HP’s  Identity 
Driven  Management  software,  which  lets  users 
configure  network  access  and  user  policies 
from  a  central  application,  and  use  LAN 
switches  to  enforce  security  policies  on  PCs 
and  laptops  connecting  to  the  LAN. 

While  ProCurve  switches  could  offer  these 
features  in  the  past,  “bringing  those  features 
into  hardware  allows  for  much  faster  perfor¬ 
mance,”  says  Matthias  Machowinski,  research 
director  at  Infonetics  Research. 

To  aggregate  traffic  from  switches  at  the  LAN 
edge,  HP  ProCurve  is  offering  its  6200  switch, 
also  built  on  the  new  Provision  ASIC.  The 
device  includes  24  small-form-factor-pluggable 
(SFP)  ports  that  can  accept  single-port  mod¬ 
ules  —  copper  or  several  versions  of  fiber  — 
supporting  lOO/lOOOMbps. 


A  slot  in  the  rear  of  the  device  can  be  fitted 
with  a  four-port  SFP  10  Gigabit  Ethernet  mod¬ 
ule,  with  port  inserts  for  long-  or  short-run  fiber, 
or  short-run  CX4  copper  connections. 

HP  ProCurve  is  offering  the  4200  switch  for 
users  interested  in  basic  connectivity  and  low 
cost.  The  fixed-configuration  switch  includes 
72  10/100Mbps  ports  in  a  box  measuring  four 
rack  units  (7  inches)  in  height.  Two  slots  are 
available  for  adding  as  many  as  48  more 
10/ 100Mbps  ports,  32  Gigabit  Ethernet  copper 
ports  or  12  ports  of  100Mbps  FX  fiber  con¬ 
nections. 

HP  ProCurve  is  targeting  its  5400  series  as  a 
competitive  product  to  Cisco’s  Catalyst  4500 
and  4900,  while  the  ProCurve  Switch  3500  is 
aimed  at  Cisco’s  Catalyst  3750  series  switch. 
The  5400  and  3500  compete  with  small  chassis 
switches  and  stackables  from  3Com,  Extreme 
Networks,  Force  10,  Foundry  Networks  and 
Nortel.® 


Application  acceleration  event 

Application  acceleration  is  one  of  six  fast  tracks  at 
Network  World's  IT  Road  Map  events  coming  to 
Boston,  Chicago,  Dallas  and  the  Bay  Area.  Forty  IT  all¬ 
stars,  analysts  and  vendors  offer  new  technology  and 
best  practices. 

DocFinder:  2024 


nww.com 


fjtM 

I  f  *  ml 


14  •  www.networkworld.com  •  2.13.06 


IBM  raises  bar  with  new  blades 


BY  JENNIFER  MEARS 

Users  can  expect  systems  ven¬ 
dors  over  the  next  few  months  to 
step  up  the  capabilities  of  their 
thin  blade  servers  to  run  more- 
demanding,  critical  business 
applications  with  enhancements 
such  as  support  for  10  Gigabit 
Ethernet,  better  management 
tools  and  faster  processing  plat¬ 
forms,  analysts  say 

IBM  was  the  first  out  of  the  gate 
last  week  with  its  new  Blade- 
Center  H  chassis  that  includes  an 
internal  network  fabric  that  will 
deliver  40GB  of  I/O  bandwidth  to 
each  blade  in  the  9U  (15.75  inch) 
enclosure.The  chassis  is  3.5  inches 
taller  than  the  current  Blade- 
Center  to  accommodate  high-per¬ 
formance  network  support,  in¬ 
cluding  InfiniBand  and  10G  Ether¬ 
net,  IBM  executives  say 

In  addition,  IBM  announced  a 
handful  of  new  blade  servers  (see 
graphic),  including  a  system 
based  on  the  graphics-focused 
Cell  Broadband  Engine  that  co¬ 
developer  Sony  plans  to  use  in  its 
upcoming  PlayStation  3;  a  low- 
power  Xeon  blade;  and  a 
PowerPC  970-based  system  that 
includes  native  virtualization  tech¬ 
nology  now  available  in  IBM’s 
pSeries  and  iSeries  servers. 

The  announcements  are  aimed 
at  keeping  IBM  atop  the  fast-grow¬ 
ing  blade  server  market  by  posi¬ 
tioning  blades  as  a  viable  plat¬ 
form  for  more  critical  business 
applications,  analysts  say.  IBM 
holds  a  42%  share  of  the  blade 
market,  compared  to  32%  for  HP 
its  closest  rival,  according  to  the 
most  recent  numbers  from  IDC. 
Dell  reentered  the  market  in  2004, 
and  Sun,  which  scrapped  its  prod¬ 
uct  line  last  year,  is  expected  to 
debut  new  blade  servers  in  the 
next  few  months. 

Both  Sun  and  HP  confirmed 
that  they  plan  significant  blade- 
related  announcements  in  the 
coming  months,  but  declined  to 
divulge  specifics. 

“If  1  were  a  customer  thinking 
about  blades,  I’d  be  looking  at 
how  blades  could  start  to  fit  into 
my  mission-critical,  high-perfor¬ 
mance  environment,”  says  John 
Humphreys,  a  research  manager 

1  iDC.'Td  be  thinking  about  how 
.  can  use  blades  to  further  the 
Ci  msolidation  efforts  that  my  com- 

.  ay  already  has  been  going 
1  a  ugh  for  the  last  few  years  — 


how  they  now  might  fit  into  a 
high-performance  application 
environment.” 

Customer  reaction 

Dave  Robbins,  director  of  IT  at 
clothing  manufacturer  Paul  Davril 
in  Los  Angeles,  says  IBM’s  an¬ 
nouncements  last  week  make  it 
possible  for  blades  to  take  on  a 
more  important  role  in  his  com¬ 
pany’s  infrastructure.  Robbins 
says  he  is  looking  at  IBM’s  new 
Cell  blade  and  BladeCenter  H 
to  possibly  support  image-heavy 
design  applications. 

“We  have  to  deliver  a  lot  of 
resource-demanding  applications 
like  Illustrator  and  PhotoShop 
with  large  files  because  of  the  art¬ 
work  involved  with  designing 
clothes,”  Robbins  says. 

“The  throughput  that  the  new 
system  offers  with  the  speed  in¬ 


creases  would  allow  us  to  push 
those  files  around  more  effi¬ 
ciently.  So  people  aren’t  wasting 
their  time  waiting  for  downloads 
to  their  desktops,”  he  adds. 

The  key  is  that  the  lOGbps 
throughput  between  the  blades 
and  network  modules  opens  the 
door  to  higher-performing  net¬ 
work  links. 

IBM,  for  example,  unveiled  a 
jointly  designed  Cisco  4x  Infini¬ 
Band  switch  module  that  pro¬ 
vides  four  times  the  InfiniBand 
throughput  of  existing  Blade- 
Center  options. 

Other  vendors  also  introduced 
products  to  support  the  higher 
throughput.  Myricom,  for  in¬ 
stance,  announced  a  suite  of 
lOGbps  products, including  Ether¬ 
net  and  Myrinet  network  cards 
designed  specifically  for  the 
BladeCenter  H.B 


Bolstering  Blades 

IBM  unveiled  its  next  generation  BladeCenter  H  with  enhanced 
network  capabilities,  including  support  for  40GB  of  bandwidth 
to  each  blade.  A  rundown  of  IBM’s  blade-related 
announcements: 

•  The  package:  BladeCenter  H  provides  10  times  the  bandwidth  of  the  existing 
BladeCenter  and  supports  a  custom-designed  Cisco  4X  InfiniBand  switch  to  speed 
connections.  Available  in  March,  pricing  starts  at  S3, 850. 

•  Virtually  there:  The  dual-core  PowerPC  970-based  J821  brings  native  Power- 

based  virtualization  technology  to  blades  for  the  first  time.  Available  in  March, 
pricing  starts  at  $2,500,  _  • 

•  Cool  down:  The  low-power,  dual-core,  Xeon-based  HS20  offers  a  50%  performance 

improvement  with  about  half  the  power  demands  of  today's  Xeon-based  blades. 
Available  in  April,  pricing  starts  at  SI ,750.  _ _ 

•  Cell  level:  IBM’s  first  product  based  on  the  Cell  Broadband  Engine,  a  Power- 
inspired  architecture  developed  by  IBM,  Sony  and  Toshiba.  The  nine-core  chip 
is  used  in  gaming  devices  today,  and  IBM  is  targeting  the  blade  server  at  such 
workloads  as  medical  imaging  and  digital  media.  The  Cell  blade  is  available  now 
via  special  bids  and  is  expected  to  be  generally  available  in  the  third  quarter. 
Pricing  has  not  been  released. 


IronPort,  others  shine  at  Demo  ’06 


BY  CARA  GARRETSON 

PHOENIX  —  Last  week’s  Demo  ’06  confer¬ 
ence  showcased  a  wide  variety  of  new  offer¬ 
ings  designed  for  consumer  and  business 
use,  ranging  from  vertical  search  engines  to 
identity  theft  protection  —  and  even  a  high- 
tech  ice-cream  machine. 

Roughly  70  companies  presented  new  prod¬ 
ucts  at  the  event,  which  is  owned  by  Network 
World. 

IronPort  announced  an  appliance  designed 
to  keep  Web-based  threats  —  including  spy- 
ware,  viruses,  keylogging  and  phishing  —  from 
entering  an  organization. The  S-Series  appli¬ 
ance,  slated  to  be  available  this  summer,  aims 
to  do  for  Web  traffic  what  IronFbrt’s  existing 
appliances  do  for  e-mail  —  catch  malware  at  a 
company’s  gateway 

The  appliance  includes  IronPort’s  Web-repu- 
tation  filters,  announced  last  month,  which 
assess  each  Web  site  encountered  based  on  a 
number  of  factors  to  produce  a  detailed  score, 
says  Pat  Peterson,  CTO  of  IronPort.  These  fac¬ 
tors  include  how  long  the  site  has  been  in  exis¬ 
tence,  whether  it  contains  downloadable 


nww.com 

Week-long  coverage 

Follow  along  with  all  of  Network  World's  stories  that 
came  out  of  the  show  last  week. 

Doc  Finder:  2143 


code,  changes  in  the  volume  of  visitors  to  the 
site,  and  if  the  URL  includes  a  typo  of  a  popu¬ 
lar  domain  and  therefore  may  be  masquerad¬ 
ing  as  it. 

The  Web-reputation  filters  can  block  down¬ 
loaded  content  from  these  sites,  based  on  cus¬ 
tomer-configured  policies. 

A  number  of  other  companies,  including 
Blue  Coat,  Finjan,  McAfee  and  SonicWall,have 
offerings  designed  to  cleanse  Web  traffic  com¬ 
ing  into  an  organization,  says  Paul  Stamp,  an 
analyst  at  Forrester  Research.  IronPort  may 
face  some  challenges  competing  with  these 
companies  because  it  is  relatively  new  to  the 
Web  security  market,  he  says. 

“Using  reputation  services  to  augment  stan¬ 
dard  content-filtering  adds  a  nice  advantage 
over  what  everyone  else  has,  but  Web  filtering 
is  more  about  network  security  than  messag¬ 
ing  securityso  IronPort  is  often  going  to  be  sell¬ 
ing  to  a  different  customer  from  their  messag¬ 
ing  solution,”  Stamp  says. “Network  guys  are  a 
lot  more  bothered  about  latency  and  through¬ 
put  than  messaging  guys.” 

Exact  pricing  for  the  S-Series  has  not  been 
announced,  but  the  company  says  a  midsize 
enterprise  would  pay  about  $25,000. 

Other  news  at  Demo  ’06  included: 

•  LogLogic  introduced  its  LogLogic  Com¬ 
pliance  Suite, which  is  designed  to  give  admin¬ 
istrators  relief  from  having  to  scan,  dissect  and 
interpret  the  overwhelming  number  of  log 
entries  created  in  an  organization.  With  an  eye 
toward  compliance,  LogLogic  collects  logs 
from  applications,  devices,  servers  and  operat¬ 
ing  systems,  and  presents  them  through  a  sim¬ 


ple  Web-based  interface,  making  it  easier  for 
administrators  to  ensure  a  company’s  events 
and  actions  comply  with  regulations  and  com¬ 
pany  policies,  company  officials  say.  The 
LogLogic  Compliance  Suite  is  priced  at  about 
$10,000. 

•  Avokia  demonstrated  ApLive,  designed  to 
reinforce  the  availability  of  enterprise  data. 
ApLive  virtualizes  the  database  layer  by  per¬ 
forming  real-time  transaction  replication  and 
load  balancing  across  databases  to  lessen  the 
need  for  scheduled  downtime  and  avoid 
unplanned  downtime,  company  officials  say 
ApLive  is  priced  starting  at  $27,000  per  data¬ 
base  CPU. 

•  StrikeForce  Technology  showed  the 
Demo  audience  what  hackers  might  see 
when  they  install  keyloggers  on  an  unsus¬ 
pecting  PC:  credit  card  information  being 
typed  into  a  Web  site  and  simultaneously 
being  recorded  by  a  keylogger.  The  compa¬ 
ny’s  WebSecure  product  is  a  Web  browser 
plug-in  that  automatically  encrypts  key¬ 
strokes  and  routes  them  directly  to  a  brows¬ 
er,  skipping  a  number  of  holes  that  keylog¬ 
gers  take  advantage  of  to  intercept  personal 
information. The  product  is  slated  for  release 
in  the  second  quarter  and  will  cost  $29.95.  It 
will  initially  work  with  Internet  Explorer,  with 
other  browsers  to  follow. 

•  Astav  showed  its  NoPhish  technology, 
which  protects  users  from  identity  theft  by  let¬ 
ting  them  enter  their  passwords  into  a  Web  site 
from  their  cell  phones  by  making  a  phone 
call.  Availability  and  pricing  has  not  been 
announced.* 


16  •  www.networkworld.com  •  2.13.06 


Anatomy  of  a  phone  tap 

Acting  on  behalf  of  law  enforcement,  carriers  tap  into  phone 
lines  at  a  central  office  and  transmit  information  over  a 
private  line  to  law  enforcement. 

User  Carrier  central  office  User 


Wiretapping 

continued  from  page  1 

Once  a  warrant  is  issued,  de¬ 
pending  on  time  constraints  sur¬ 
rounding  the  investigation,  it  is 
either  faxed  directly  to  the  service 
provider  or  physically  presented 
by  law  enforcement.  In  this  sce¬ 
nario,  it  might  be  the  FBI,  acting 
on  behalf  of  the  NSA. 

Under  the  federal  Communica¬ 
tions  Assistance  for  Law  Enforce¬ 
ment  Act  (CALEA)  of  1994,  carri¬ 
ers  are  required  to  have  a  proce¬ 
dure  and  technology  in  place  for 
intercepting  calls. 

The  most  common  type  of  tap  is 
a  pen  register  (otherwise  known 
as  trap  and  trace),  which  pro¬ 
duces  a  log  showing  what  num¬ 
bers  were  called,  and  the  dates, 
times  and  durations  of  the  calls. 
The  second  type  intercepts  the 
content  of  the  call. 

“There  are  tens  of  thousands  of 
trap  and  trace  interceptions  vs. 
thousands  of  content  intercep¬ 
tions  each  year  because  they  are 
much  easier  to  do,”  says  John 
Morris,  staff  counsel  at  the  Center 
for  Democracy  and  Technology 
(CDT)  in  Washington,  D.C. 

The  way  it  works  is  that  a  carrier 
taps  into  a  digital  switch  at  its  cen¬ 
tral  offices  or  at  an  aggregation 
point  and  programs  in  what  num¬ 
ber  will  be  traced  or  what  calls 
will  be  intercepted. 

Once  the  information  is  gath¬ 
ered,  it  is  sent  via  a  private  link 
paid  for  by  law  enforcement  to 
the  agency  that  requested  it.  That 
could  be  the  FBI  or  another  feder¬ 
al  law  enforcement  agency,  such 
as  the  Drug  Enforcement  Agency 
or  Bureau  of  Alcohol,  Tobacco 
and  Firearms. 

“Phone  tapping  has  been  going 
on  for  more  than  20  years,  it’s 
nothing  newf  says  David  Holtz- 
man,  a  security  expert,  former 
CTO  of  Network  Solutions,  and 
author  of  the  upcoming  book 
Privacy  Lost.  “It’s  a  very  simple 
thing  to  get  a  warrant  to  intercept 
communications.” 

But  what  has  changed  signifi¬ 
cantly,  according  to  experts,  is  the 
role  that  carriers  and  service 
providers  play 

“In  the  past,  the  government  or 
law  enforcement  didn’t  need  the 
carrier’s  help,”  Morris  says.  They 
would  develop  their  suspicions 
bout  a  particular  individual  and 
levelop  a  good  faith  reason  why 
it  individual  would  be  commu- 
leating  over  a  phone  line.  They 
would  then  go  to  a  court,  get  a 


warrant  and  literally  walk  into  the 
phone  company’s  central  office 
and  tap  into  the  copper  line  with 
alligator  clips.” 

With  fiber  replacing  copper 
wires,  the  deployment  of  digital 
switches  at  the  central  office,  and 
the  burst  of  cellular  and  Internet 
traffic,  law  enforcement  now 
depends  on  the  expertise  of  ser¬ 
vice  providers  to  help  carry  out 
interception  warrants,  Morris  says. 

It's  the  law 

Three  U.S.  laws  compel  carriers 
and  other  communications  pro¬ 
viders  to  participate  in  lawful 
interceptions: 

1.  Title  III  of  the  Omnibus  Crime 
Control  and  Safe  Streets  Act  of 
1968  (also  known  as  Title  XVIII). 

2.  The  Foreign  Intelligence  Sur¬ 
veillance  Act  (FISA)  of  1978. 

3.  CALEA  of  1994. 

Title  III  covers  domestic  surveil¬ 
lance,  and  FISA  deals  with  matters 
involving  foreign  powers,”  says 
Kevin  DiLallo,  partner  at  the 
Levine,  Blaszak  &  Boothby,  LLP 
law  firm  in  Washington,  D.C.  He 
adds  that  CALEA  explains  the  role 
of  communications  providers  in 
helping  law  enforcement  carry 
out  wiretaps. 

In  addition,  the  Patriot  Act  of 
2001  widened  the  scope  of  lawful 
interception.  Crimes  were  added 
to  the  list  of  those  that  could  be 
investigated  with  the  help  of  wire¬ 
taps,  and  warrants  for  wiretaps  no 
longer  have  to  be  sought  where 
the  wiretapping  will  occur.  Today, 
courts  can  issue  a  warrant  for  a 
roving  wiretap  that  allows  for 


“blanket  authority  to  wiretap  any¬ 
where  in  the  U.S,”he  says. 

Under  these  laws,  agencies  must 
seek  a  warrant  from  a  U.S.  district 
court  for  domestic  calls  or  the 
FISA  court,  a  private  court 
appointed  by  the  chief  justice  of 
the  Supreme  Court  for  calls 
involving  foreign  parties. 

Certain  ISPs,  including  Internet 
access  providers  and  intercon¬ 
nected  VoIP  service  providers,  are 
also  required  to  have  procedures 
in  place  to  carry  out  warrants, 
according  to  an  FCC  ruling  last 
year.  For  instance,  non-facilities 
based  providers  such  as  Vonage 
would  be  covered  in  this  ruling. 
However,  there  isn’t  a  universal 
method  for  doing  this. 

One  network  expert,  who  re¬ 
quested  anonymity  outlined  a  few 
possibilities  such  as  DSL  pro¬ 
viders  replicating  the  ATM  virtual 
circuit  from  a  subscriber’s  DSL 
modem,  cable  providers  duplicat¬ 
ing  Ethernet  and  IP  traffic  cross¬ 
ing  the  cable  to  the  ISP;  dial-up 
providers  taking  point-to-point 
protocol  traffic  using  the  IETFs 
AAA  authentication  standard. 
Wireless  taps  often  are  done  like 
cable  taps,  at  an  intercept  point. 

“With  all  of  these,  it’s  done  as 
close  to  the  subscriber  as  the  ISP 
can  get  for  the  simple  reason  that 
if  that  weren’t  true,  some  sub¬ 
scriber  traffic  would  evade  the 
intercept  point,”  he  says.  He  adds 
that  these  methods  also  are  the 
least  expensive  for  ISPs  and  have 
the  least  impact  on  overall  net¬ 
work  performance. 

In  addition,  the  IETF  is  working 


on  creating  standards  for  wiretap¬ 
ping  of  electronic  communica¬ 
tions  outside  of  the  phone  system. 
For  example,  RFC  3924,  published 
in  2004,  provides  information 
about  how  to  build  wiretap-ready 
systems. 

Your  data  or  mine? 

Once  law  enforcement  receives 
wiretap  data  from  communica¬ 
tions  providers,  it  must  do  two 
things:  minimize  it  (parse  through 
the  information)  and  mine  it, 
according  to  Winn  Schwartau, 
author  of  Cybershock  and 
Information  Warfare. 

Before  an  agency  can  analyze 
traffic  and  content,  it  must  mini¬ 
mize  what  has  been  sent  by  the 
communications  provider.  Car¬ 
riers  intentionally  send  more  traf¬ 
fic  and  content  than  is  necessary 
because  they  are  not  given  specif¬ 
ic  details  of  what  law  enforce¬ 
ment  is  looking  for,  because  that 
might  jeopardize  a  case,  accord¬ 
ing  to  the  CDT’s  Morris. 

For  instance,  carriers  would 
intercept  all  traffic  from  Mr.  Jones 
even  if  law  enforcement  only 
needs  to  know  how  many  times 
Mr.  Jones  called  Mr.  Smith. 

Therefore,  it’s  up  to  law  enforce¬ 
ment  to  minimize  it,  and  only 
keep  what  it  needs  for  that  case, 
Morris  says.  He  adds  that  the  FBI 
has  two  types  of  agents  working 
on  intercepts:  those  who  do  the 
minimization  and  those  who  do 
the  analysis,  so  that  agents  investi¬ 
gating  cases  are  not  exposed  to 
unauthorized  information. 

Once  the  minimization  is  done, 
the  analysis  begins.  Much  of  the 
initial  analysis  of  content  and  pen 
registers  is  automated.  Data  com¬ 
ing  in  is  run  against  up-to-the- 
minute  database  algorithms  that 
look  for  patterns  in  calls  or  key¬ 
words  that  show  relevance  to  cur¬ 
rent  events  and  threats. 

“With  pen  registers,  they  analyze 
the  logs  to  see  who’s  calling  who 
and  how  often  —  this  is  what  is 
called  chatter,”  Schwartau  says. 
“With  content,  you  look  for  key 
words  and  phrasing.  You  keep 
modifying  the  algorithms  so  that 
detection  methods  become  more 
finely  tuned  and  smarted 

If  the  algorithms  flag  a  call  or 
identifying  call  information,  then 
the  issue  is  passed  on  to  a  person. 
For  instance,  with  content,  if  key¬ 
words,  or  trigger  words,  are  detect¬ 
ed,  the  call  could  be  sent  to  an 
Arabic  translator  for  further  inves¬ 
tigation. This  filtering  saves  on  the 
amount  of  human  resources 


needed  by  law  enforcement, 
Schwartau  says. 

In  the  case  of  encrypted  traffic, 
communications  providers  are 
under  no  obligation  to  decrypt  it 
unless  they  encrypted  it  in  the  first 
place,  according  to  CALEA.  Other¬ 
wise,  it’s  up  to  law  enforcement  to 
figure  out  how  to  decrypt  packets. 

“If  I  were  law  enforcement,  I 
would  assume  that  any  piece  of 
encrypted  communication  is  sus¬ 
picious  and  examine  it,”Holtzman 
says.  However,  encryption  is  not 
much  of  a  deterrent  for  the  gov¬ 
ernment  because  they  have  the 
top  cryptographers  at  their  dis¬ 
posal,  he  adds. 

Law  enforcement  is  obligated  to 
toss  out  after  a  certain  period  of 
time  any  information  that  was 
gathered  before  the  minimization 
process.  However,  it  is  under  no 
obligation  to  delete  information 
that  is  relevant  to  a  warrant. 

“Storage  is  pretty  cheap  and 
they  need  it  for  post-analysis  such 
as  historical  relevance  and  pat¬ 
tern  spotting,”  Schwartau  says. 

Warrantless  wiretaps 

While  communications  pro¬ 
viders  are  required  by  law  to  assist 
in  warranted  wiretapping,  some 
experts  speculate  they  are  doing 
so  even  in  cases  where  there  is  no 
warrant  —  either  actively  partici¬ 
pating  or  merely  looking  the  other 
way. 

One  security  expert  says  it  is  in  a 
carrier’s  best  interest  to  cooperate 
even  in  warrantless  interceptions 
because  of  the  damage  that  could 
come  to  their  lines  from  non- 
experienced  personnel  trying  to 
tap  into  the  line.  “As  a  practical 
business  matter,  they’d  want  to 
assist  law  enforcement  to  avoid 
risk  to  their  cables  or  degradation 
in  performance  to  the  network  — 
they’d  want  to  be  involved  in  any¬ 
thing  that  has  to  do  with  their  con¬ 
nections,”  he  says. 

Gittlen  is  a  freelance  technology 
editor.  She  can  be  reached  at  sgit 
tlen@charter.net. 


nww.com 

Carriers  acquiesce 

Are  the  carriers  complying  with  warrant¬ 
less  requests  for  wiretaps?  Go  online  for 
more  information. 

Docfinder:  2142 


THE  SERVER  FOR  COMPANIES  WHOSE  LT. 
DEPARTMENT  IS  LARRY. 


Small  I T  department  facing  big  demands7  A  PC -based  network  can 
only  take  you  so  tar  Enter  the  IBM  eServer”  xSene s*  100  Express 

Its  more  robust  More  available  More  functional.'  Not  only  is  it 
designed  to  help  increase  productivity  and  lower  your  computing 
costs,  you  can  also  expand  your  capabilities  as  your  1 7  needs 
evolve  Plus  it's  easy  to  install,  thanks  to  IBM  ServerGuide" 

What  's  more  you  can  keep  your  technology  current  while  helping  to 

reduce  costs  through  IBM  Global  Financing 

The  x  100  Express  comes  with  Intel *  reliability  -  and  a  whole  lot 

more  Why  not  put  it  to  wort  lor  you? 


IBM  eServer'  xSeries  100  Express 


Affordable  reliable,  easy  to  manage  xSenes  servers  #itti  inieT  Pentiunf  Processors 

Intof  Pentium* 4  Processor  and  Pentium  0  (dual  com)  Processors 

One  wtvtowrx 

Up  to  SOUGP  oi  stougr  wim  2  SATA  two  disk  <jn«ev 


(Orr«f  concur at  ms  as  low  »i  IMS 


SsrwGu**  tor  easy  systems  setup  and  configuration 
ECC  error  correcting  memory  tor  critical  server  data  protection 
Umned  earrarty  1  year  arv-sito* 


IBM  BladeCenter  HS20  Express 

$1,839  OP>n  ...'ihpu'it.  J1  w 

ISM  f  uumctae  Ae**«tee«  SW  >  >  ”  ' 

Up  tf  tee.  ink*1*  Xeorf  Processors  s  dOGHiVME  BM  Owactor  to  ha$  untor  usage  pertor-arcr 
Lip  to  w  buries  pei  cheats  Umaed  aaranty  1  year  on  -sae* 

Supports  bom  3?  enoM-M  «phcjexvts 


bM  TotalStorage*  DS400  Express 

fr.i-  $8,495'  OtTws-  .A  *  .jur  .  .  ■.  43  ;f)was.  14  9% 

ISM  A4v*ftUg«  1234 

3t  reai  mcut  ertry  *vet  mtr  up  to  fee  controller.  Starts  M  34GB/  scales  to  Vdb* 

(  2GB  Eton  Owtntohotfcanciwly  Umtod  «arranfy  1  year  on *tr 


" Double  Your  Memory  “  at  no  additional  cost.  Now  get  double  your  memory  at  no  extra  charge  when  you  purchase  select  IBM  eServer  xSeries 

and  BudeConter  Express  systems  by  March  13.  2006 1 


ibm.com/systems/innovate20  1  866-872-3902 


**»  m  M/.  ca«<eM  mm  *»<•« 
to  wny  r  Mr  JM  Sur  MW  ms  * 

"to  kw  *  tonkwmwruue 


ewe  •  0  toatof  3  MBS  iSu*  m*  mi  ms* i— a  s  satopetoK  toeeMn  s<»»  a 

•  *e  mm  ornm  mv*  •  mm  mm*  t  Camera"  momm  mxmmm 


m  M*n  imm  tm  w  mJUmmi  «e  mm  «•  *ari  tmmt  *  m*  •*  w* 
ijm  atoau  K*ui  J  l>*  add*;  a  Mr  jtmmm  tmt  rMtU  Dmm  tow  tom 


m 


4 


m 


Me  * 


■emus.  »  *J»M» i*ui a  «4 a***, nee  W)  P****!*#*  stolid  fe*wu>'*r  f>m touvnar  «*i  tows..  . 
Pact  Jarg n»watt  !toto«a  <wa  wf  ncu>n  Mt  tw  Tpearma  atom  m  Ktototoiat  » 
gee  •  a  mm  MMrvea  2  IM  ee*n  •  iueem  seyi  I  Ovxee  m  mim  -a**"  4  ■ 
jemapjiMi  t  iwtoj  « »»■«»  Ob  -•  *f»  .  Miru  juy  to  Mae  stoM*  5  »WC*« 

i  SMtoi  uaet  toMMteiMM  ill*  mm er  I  vnuwi'.ie  O^i  '■endin'  1,  miWUi  tow 
— toniwMfe»te<-  MM  »e>S <e»  «8»<m  'SeMM. SMtoUrM  ,  ~«j» 

■■to  MN>et««s  «■»  awn  ant  itoe  torae  a*  Xmewic  *1 4jafcat  vaMn**:  J  Mat  C. a*» 

Mr.  C  JJK  fcM  Cayjto/  U  «mt<M 


18  •  www.networkworld.com  •  2.13.06 


“For  us,  ‘can’t 
get  e-mail’ 
can  mean 
just  about 
anything.” 

Jim  Klein,  director  of  infor¬ 
mation  semices  and  tech¬ 
nology  at  the  Saugus  Union 
School  District 


EDWARD  CARREON 


years  ago  while  working  at  In- 
vesco  Funds  Group  in  Denver  is 
the  funniest  of  his  13-year  career. 
A  user  called  to  say  that  his  com¬ 
puter  had  frozen. 

“I  joked  that  the  system  might 
be  cold,  but  I  would  be  down  to 
look  at  [it]  right  awajf  Connelly 
says.“I  worked  on  the  ninth  floor, 
and  the  system  was  on  the  first 
floor.  When  I  got  to  the  desk  to 
look  at  the  system,  the  user  had 
put  his  jacket  over  the  monitor 
because  he  thought  if  he  warmed 
the  system  up  it  would  unfreeze.” 

While  requests  such  as  those 
can  be  blamed  on  naivete,  others 
are  more  bizarre.  Barry  Nance, 
another  member  of  the  Network 
World  Lab  Alliance  who  runs 
Network  Testing  Labs,  remembers 
dealing  with  a  user  in  the  mid- 
1990s  who  wanted  to  avoid  hefty 
telco  charges  to  connect  the  net¬ 


works  of  two  adjacent  buildings. 

“The  business  owner,  because 
the  two  buildings  were  fairly 
close,  proposed  feeding  a  wire 
between  the  two  and  he  wanted 
someone  to  actually  knot  a  net¬ 
work  cable  to  an  arrow,  climb  to 
the  roof  and  shoot  the  arrow 
between  the  buildings,”  Nance 
says.“We  had  to  disabuse  him  of 
the  idea.” 

Nance  and  his  colleagues 
explained  that  the  hanging  cable 
probably  wouldn’t  look  nice. “The 
business  owner  eventually  bit  the 
bullet  and  paid,”  he  says. 

Other  users  aren’t  so  easily 
convinced. 

Katherine  Stroud,  manager  of 
network  and  systems  technology 
at  Bloomington  Hospital  and 
Healthcare  Systems  in  Indiana, 
remembers  when  a  user  called  to 
complain  that  envelopes  were 


printing  upside  down. 

“1  told  her  she  had  loaded  them 
incorrectly  and  if  she  turned 
them  the  other  way  it  would  be 
fine.  She  insisted  that  they  were 
absolutely  loaded  correctly  the 
same  way  she  always  loaded 
them,”  Stroud  says.“So  I  lifted  the 
cover  of  the  printer,  took  out  the 
toner  cartridge  and  gave  it  a  good 
shake,  reassembled  the  printer, 
turned  the  envelopes  the  other 
way  in  the  document  feeder,  and 
proclaimed  that  I  had  fixed  it.” 

Jim  Klein,  director  of  informa¬ 
tion  services  and  technology  at 
the  Saugus  Union  School  District 
in  California,  isn’t  surprised  when 
he  gets  odd  requests,  because 
most  of  his  users  have  been 
doing  their  jobs  without  comput¬ 
ers  for  decades. 

“Our  most  popular  service 
request  is  user  can’t  get  into 
their  e-mail,”  he  says. 

“Typically,  the  conversation 
goes  something  like  this:  User:  I 
can’t  get  into  my  e-mail. Tech: 
What  happens  when  you  try? 
User:  Nothing,  it  doesn’t  work. 
Tech:  Do  you  get  any  error  mes¬ 
sages?  User:  No,  I  can’t  even 
open  it.Tech:  Well,  what  do  you 
see  on  your  screen?  User: 
Nothing. Tech:You  mean  it’s 
black?  User:Yes.Tech:  Is  your 
computer  on?”  he  says. 

“For  us, ‘can’t  get  e-mail’  can 
mean  just  about  anything,”  Klein 
says.“We  now  always  ask, ‘Is  your 
computer  turned  on?’  first.” 


Sometimes  the  source  of  com¬ 
puter  issues  is  hidden  by  the 
users  unknowingly,  forcing  the  IT 
professional  into  the  role  of 
detective. 

Jason  Kennedy  senior  analyst 
and  system  engineer  at  Tsunami 
Communications  in  Vancouver, 
Canada,  for  example,  once  got  a 
call  from  a  user  saying  her  desk¬ 
top  applications  such  as  Word¬ 
Perfect  “simply  were  not  working" 
on  a  regular  basis. 

“I  made  a  visit  to  her  desk, 
which  was  clear  of  any  personal 
items,  and  was  quickly  able  to 
recover  all  her  files. When  I  left, 
everything  seemed  to  be  working 
perfectly  fine,”  he  says. 

When  the  user  called  the  next 
day  reporting  the  same  problem, 
Kennedy  told  her  not  to  touch  a 
thing  on  her  desk. 

“Sure  enough  when  I  got  there 
she  had  magnets  all  around  her 
workspace,  which  were  the  cul¬ 
prits  and  caused  the  same  prob¬ 
lem  to  happen  over  and  over 
again  until  she  removed  them,” 
he  says.  ■ 


Got  great  ideas? 


■  Got  a  suggestion  for  a  Wider  Net 
story?  An  offbeat  network  industry- 
related  topic?  A  fascinating  person¬ 
ality  we  should  profile?  Contact 
Bob  Brown  with  your  ideas  at 
bbrown(a)iiww.com. 


Cisco  launches  security  mgmt  platform 


Requests 

continued  from  page  1 

the  day  I  stop  laughing  at  some 
of  the  things  people  think  we 
should  and  can  do.” 

Ross  McKenzie,  IS  director  at 
Johns  Hopkins  Bloomberg 
School  of  Public  Health  in 
Baltimore, says  he  got  a  call  at  his 
home  one  Friday  night  from  a 
well-respected  user  who  was  fran¬ 
tic  because  he  couldn’t  reach  his 
online  banking  sites. 

“The  user  apologized  for  incon¬ 
veniencing  me,  but  told  me  he 
had  already  called  91 1  and  was 
told  to  call  me.  By  now  I’m  fully 
awake  and  out  of  bed. The  user 
goes  on  to  tell  me  he  is  sure  that 
the  Internet  is ‘under  attack,”’ 
McKenzie  says. 

McKenzie  says  he  logged  on  to 
check  things  out  himself  and 
found  the  Internet  to  be  respond¬ 
ing  as  normal. 

“I  e-mailed  him  and  reported 
this.Then  I  asked  if  he  had 
changed  any  of  his  software  pro¬ 
grams  lately  He  reported  that  he 
had  installed  a  new  version  of  his 
browser  that  same  night,”  McKen¬ 
zie  says.“l  asked  him  to  see  if  he 
had  enabled  cookies  and  sent 
him  a  short  explanation  of  how 
to  do  that.  His  reply  and  coinci¬ 
dentally,  the  last  time  I  ever  heard 
from  him,  was  ‘Oh  . . .  thanks. 
Never  mind  about  the  attack.’” 

While  troubles  with  the  Internet 
and  e-mail  account  for  a  large 
number  of  requests  to  IT  staff,  the 
systems  remain  a  mystery  to 
many  users. 

Todd  Fink, senior  telecommuni¬ 
cations  administrator  at  Premier 
Bankcard  in  Sioux  Falls,  S.D., says 
he  once  got  a  request  from  a 
user  looking  for  another  coffee 
holder  for  his  computer. 

“I  asked  him  what  he  meant  by 
another  coffee  holder  and  he 
said, ‘You  know,  the  one  that  pops 
out  of  the  PC,”’  Fink  says.“He 
thought  the  CD-ROM  drive  was  a 
cup  holder” 

Randy  Connelly  says  a  system- 
related  request  he  got  about  10 


Add  your  stories 

■m  your  own  interesting  stories  about 
•bat  a  user  called  you  down  the  hall  for? 


•hare  them  in  our  forum. 

'iadar:  2144 


BY  TIM  GREENE 

Cisco  this  week  at  the  RSA  Conference  is  ex¬ 
pected  to  roll  out  a  security  management  plat¬ 
form  that  lets  users  define  policies  via  a  graph¬ 
ic  interface,  then  distribute  them  to  network 
devices  that  will  enforce  them. 

Called  Cisco  Security  Manager,  the  software 
is  integrated  with  Cisco’s  existing  monitoring, 
analysis  and  response  system  (MARS)  to  cre¬ 
ate  Cisco  Security  Management  Suite. 

This  is  a  significant  leap  for  Cisco,  whose  ele¬ 
ment  management  platforms  had  no  unifying 
security  policy  tools, says  Joel  Conover,  an  ana¬ 
lyst  with  Current  Analysis.  Customers  would 
have  to  create  policies,  figure  out  what  devices 
would  be  needed  to  enforce  them,  then  con¬ 
figure  the  devices.  “Each  piece  was  separate 
and  you  had  to  piece  it  together.  It  was  the 
Frankenstein  of  network  management," he  says. 

A  customer  beta  testing  the  platform  says 
Security  Manager  can  save  administrative  time 
by  allowing  access  to  more  devices  from  one 
console.“It  gives  you  a  single  interface  to  mul¬ 


tiple  devices,” says  Jack  Brahce.an  analyst  with 
Analysts  International.  Before,  the  company 
had  to  use  separate  consoles  to  configure  dif¬ 
ferent  families  of  devices. 

The  software  gives  users  several  views  of  a 
network,  including  individual  devices,  a  topol¬ 
ogy  map,  a  policy  view  and  a  portrayal  of  VPNs. 
“This  is  a  manager  of  managers  for  security’ 
says  Rob  Whiteley  an  analyst  with  Forrester 
Research. “It  lets  you  create  one  policy  set  for 
security  and  networking  topology  which  is 
important  since  they  are  so  intertwined.” 

With  its  integration  with  MARS,  Security 
Manager  can  be  used  as  a  tool  to  determine 
how  to  react  to  intrusions.  If  MARS  detects  an 
event,  network  security  staff  can  use  Security 
Manager  to  find  out  what  devices  were  in¬ 
volved  and  what  policy  rule  triggered  the  alert. 
Security  staff  can  create  a  new  policy  to  deal 
with  similar  events  and  distribute  it  to  the 
appropriate  machines. 

Cisco  also  plans  to  announce  that  it  is 
adding  an  option  to  its  ASA  5500  series  for 


software  that  filters  viruses,  spam,  URLs  and 
phishing  attempts.lt  comes  on  a  separate  hard¬ 
ware  blade  called  Content  Security  and  Con¬ 
trol  Security  Services  Module.“It  creates  bor¬ 
der  security  in  one  device  on  a  single  man¬ 
agement  platform,”  Brahce  says. 

This  fills  out  features  and  integrates  Trend 
Micro  software  that  was  already  available 
on  Cisco  gear.  “This  makes  the  ASA  more 
capable  as  a  stand-alone  security  appli¬ 
ance,”  Whiteley  says. 

Cisco  also  is  announcing  full  SSL  VPN  sup¬ 
port  on  its  ASA  5500  and  10S  routers.  While 
the  ASA  5500  had  some  SSL  support,  it  did 
not  have  all  the  features  of  the  Cisco  3000 
concentrator. 

“The  ASA  was  a  different  version. This  adds 
features  like  cache  cleaning  the  client  and 
Web  deployment  of  the  IPSec  client,”  Brahce 
says.  With  full  SSL  support,  the  ASA  con¬ 
tends  with  the  Cisco  3000s  because  it  can 
support  a  firewall,  VPN  and  the  Trend  Micro 
software,  he  says.B 


2.006  •  vtaorV*  •  •  ■ 


‘Certified  e-mail'  plans  draw  mixed  reactions 


gr  JOHN  l-ONl  ANA 

Whitt-  the  giant  e- mail  prmidri* 
battle  again*  and  In 

trrnei  m  ammer*  Urahhuvide 
•Aart-uji*  and  rtftrr  small  vendor* 
an-  gearing  up.  hoping  In  ignite 
the  rmwr-vi  fighl  again*  main  hiu* 
inn-  of  e-mail  and  thp  Intern** 

La*  vw*rk  M X*  Google  M icro- 
soli  and  YahrHi  became  Hash 
j  am  it*  in  thp  Kpam  blacklisting 
and  onllnp  reputation  deflates 
Yahoo  and  MH.  %atd  in  the  next 
tew  mouth*  they  would  begin 
offering  legitimate  bulk  e-mail 
iiender*  thp  option  of  paying  to 
c  ertify  delivery  of  email  to  u*rr* 

In  the  United  Kingdom  a  num 
tier  of  r*>tail  oompanm  actuKd 
Microsoft  of  unfairly  blacklisting 
them  and  cutting  them  oil  from 
Hotmail  u*ers  And  Google  ramed 
eyebrow*  in  giving  BMW  die 
Vmogk-  death  v-ntenoe'by  drop 
ping  ttie  rarmakrr  *  meanh  rating 
to  aero  afti-t  BMW  sjHki-d  it*  WH> 


site  to  manipulate  sra/cti  result* 

The  tea*-*  all  shed  light  on  the 
fart  that  the  Internet  continue*  to 
be  a  rough  place  to  do  business 
The  problem  t*  no  more  apparent 
than  with  email,  where  spammer* 
have  been  winning  a  cat-and- 
mouse  game 

In  an  effort  to  restore  confi¬ 
dence.  companies  such  as  certifi¬ 
cation  vendor  Goodmail  Systems 
and  a  *ealth  start-up  working 
behind  the  WW>  address  Karma 
sjihere  com  are  planning  to  intro¬ 
duce  authorization,  accreditation 
and  reputation  systems  that  may 
help  deanse  in-boxes  and  push 
the  cost  of  spam  onto  spammer* 

AOL  and  Yahoo,  which  will  be¬ 
come  Good  mail*  first  active  cus¬ 
tomers.  view  their  services  as 
being  in  that  vein 

List  week,  heseever.  critics  said 
the  services  would  not  help  curb 
spam,  while  others  accused  AOL 
and  Yahoo  of  taxing  legitimate  e- 


rrvail  sender* 

This  is  not  a  spam-reduction 
measure,*  savs  Andrew  Lnchart. 
senror  director  of  marketing  for 
anti-spam  vendor  Bntini  ‘ft  is  a 
way  for  a  legitimate  merchant  to 
avoid  getting  a  fahe  positive  in  an 
AOL  spam  fitter' 

AOL  agrees  with  that  general 
assessment  and  savs  the  certified 
mail  service  is  but  one  delivery 
option,  in  addition  to  AOLs  free 
whitefist  service  and  plain  old 
Internet  e-mail  service. 

"We  heard  from  our  sender*  that 
they  wanted  other  delivery 
options.*  saw  Nicholas  Graham, 
an  AOL  spokesman,  who  empha¬ 
sized  the  service  a  optional 

DMA  signals  support 

The  Direct  Marketing  Associ¬ 
ation.  which  has  nearly  5,000 
members,  including  55  Fortune 
100  companies,  classified  the 
AOL  service  as  a  complement  to 


regular  e-mail  delivery  and  advis¬ 
es  members  to  consider  it  fcir  cer¬ 
tain  campaigns,  such  as  deliver¬ 
ing  Web  links,  which  AOL  nor¬ 
mally  blocks 

The  AfX.  and  Yahoo  services  are 
expiring  new  attempts  to  dean 
up  e-mail  using  techniques 
around  authenticating  senders 
via  such  technologies  as 
SenderlD  orYahtnis  DomainKrw. 
and  by  establishing  online  reputa¬ 
tions  and  accrediting  legitimate 
businesses 

Got dmail  uses  a  system  of  back¬ 
ground  and  credit  checks  to 
establish  a  'legal  path  of  account¬ 
ability' kir  its  potential  customer*. 
It  limits  e-mail  delivery  to  opt  in 
recipient*,  and  monitor*  com- 
piaint*  .ig.imst  its  customer*  to 
« •stabltsh  their  online  reputaftt  >n 

Meng  Weng  WGrig,  CTO  of  thr- 
Karmasptiere  com  startup  also  is 
attacking  the  problem  but  be¬ 
lieves  the  answer  is  an  open  repu¬ 


ted*  in  exchange 
Wimg  previously  developed  tlie 
Sender  fbficy  FVamework.  which 
eventually  merges!  with  Micro¬ 
soft's  CalleriD  to  create  SenderlD 
a  system  designed  to  venfv  the 
domain  ol  e-mail  sender* 
SenderlD  has  been  invaded  by 
spammer*,  hut  Wong  is  develop¬ 
ing  what  he  savs  are  the  other 
pieces  ol  the  puzzle 
‘I  am  working  on  building  an 
open  reputation  network  that 
mak*-s  it  very  easy  lor  people  in 
the  reputation  and  accreditation 
industry  to  share  or  sell  their 
tlata.'Wi  >ng  says 
“We  need  to  get  back  to  a 
world  where  I  can  e-mail  a 
stranger  and  they  can  e-mail  me 
and  the  mail  gets  through,  and 
where  I  don’t  have  to  pay  lor 
that,'  hr*  say*  'We  have  to  get 
back  to  the  good  old  day*  We 
can  do  that  with  authentication, 
reputation  and  accreditation  ■ 


ncan*a*.convrnrrww: 


Bicofi  .5  6  Li's  color  printer  lire  of  tn«  year 
B<ott  dependac-  ty  move*.  /Our  if>aj  forward 


RICOH 


V  / 

Small  Workgroup  Office  # 

.  '\  / 


Branch  Office 


Corporate  Office 


Home  Office 


Road-Warrior  Office 


Take  cost  out  of  your  business  and  increase  productivity 

-  - - - -  i  .  :• 

No  matter  where  you  do  business. 


The  Brother  Advantage 

>-  Comprehensive  selection 
2^  Increased  productivity 
2^  Lower  acquisition  costs 
2^  Reduced  consumable  costs 
2^  24/7/365  support  and  service 
>•  Free  evaluation  program 


Brother  Printer,  Fax  and  Multi-Function  Center®  models  - 
designed  to  increase  productivity  while  decreasing  overhead. 

Considering  that  over  94%  of  Fortune  1000  company  employees  work  outside 
corporate  headquarters*,  equipping  them  with  a  cost-effective  solution  is,  to 
say  the  least,  a  major  challenge. 


That's  why  Brother's  Commercial  Division  is  committed  to  providing  superior 
and  reliable  imaging  solutions  that  increase  productivity  while  reducing  costs. 
This  enables  businesses  like  yours  to  effectively  address  critical  organizational 
goals  and  challenges. 


Mobile  Printing  Solutions  Labeling  Solutions 


Desktop  Laser  Solutions  Color  Laser  Solutions 


But  it  is  our  product  reliability,  coupled  with  a  responsive  nationwide  support 
and  service  network,  that  has  companies  like  yours  putting  Brother  at  the  top 
of  their  requisition  lists. 

Brother's  Commercial  Division  welcomes  the  opportunity  to  put  our  resources 
to  work  for  you.  Contact  us  today  so  we  can  show  you  how  we  can  positively 
impact  your  bottom  line  while  enhancing  your  performance. 


Multi-Function  Solutions 


Network  Printer  Solutions  Fax  Solutions 


For  more  information,  call  1-866-455-7713. 

’Purchase  Influence  in  Larger  American  Businesses  ( Erdos  &  Morgan,  2001). 


©  2005  Brother  International  Corporation,  Bridgewater,  NJ  •  Brother  Industries  Ltd.,  Nagoya,  Japan 

For  more  information  visit  our  Web  site  at  www.brother.com 


2  U06  •  **w  f«nrV»  • 


NET  INFRASTRUCTURE 

SECURITY  SWITCHING  ROUTING  I  VPNS  BANDWIDTH  MANAGEMENT  ■  VOIP  WIRELESS  LANS 


Deciding  the  Mure  of  Ethernet 

Component  designers  discuss  the  next  frontiers  for  the  venerable  technology. 

Evolving  Ethernet 

Some  Ethernet  refuted  topics  discussed  at  last  week's  DesignCon  conferer*  e 
ncluded  using  Ethernet  as  a  backplane  technology  for  network  gear,  and  ICG 
Ethernet  over  copper. 

H-irtmwtdi _ 

•ttLSap:  Preened  iff  st.widtrd  for  tang  Ethernet  as  a  transport  protocol  among  components  nsrh 
•  MhcorrmfiuimK  itvca  such  as  a  LAN  swfcfi  or  btado  server  chassis. 

Key  challenge:  '.gpiiiwnt  among  switch  wrvlnrs  on  phys«;;il  kiyir  mptarontations 

Statu*:  Standard  not  expected  unti  2fl0i 

802~Wt  Devotopeig  IEE  standard  fir  rumng  IOC  Ethernet  owr  unshw:h)i:i]  tamed  pan-  raipper  labtng. 

Key  challenge:  Pusfitg  the  etactttal  fruquirry  brurtns  <f  Category  M5  (siting, 


Short  Takes 


■  SonicWall  i  spending  its  secu 
rity  of  ter  mgs  into  #  mail  security 
with  ■  131  million  purchase  of 
MallFrontler,  en  e  mail  security 
specialisi  Madfrontier  aelts  soft 
ware  and  appliances  that  fitter 
•■mail  for  phishing  attempts,  vt 
ruses  and  spam  SonicWall  an 
ixxmced  no  short  term  plans  to 
integrate  Maitf  rontier  mto  its  exist- 
mg  appliances,  but  spoke  of  having 
an  a  mail  security  offer  mg  to 
tlest  i  out  its  line  of  security 

gear  Sonic  Wat)  makes  small 
business  security  appliances 
mcludmg  IP  Sec  and  SSL  Imp  wall 
and  VPN  appliances  with  gateway 
anti  virus,  anti  spyware,  intrusion 
prevention  and  content  filtering. 

■  Symantec  ast  wet*  announced 
plans  io  acquit  Rellcore  a  pro 

vider  of  data  center  management 
software,  as  pan  of  a  bid  to  round 
out  its  offerings  for  data  center  cus 
tomers.  The  acquisition  is  expected 
to  be  completed  during  the  middle 
of  this  month  Financial  terms  were 
not  disclosed  Symantec  is  buying 
Reticor*  to  gel  its  hands  on  Relcom 
Clat  Ay.  a  management  tool  that 
offers  the  ability  to  discover  and 
track  changes  to  application  and 
server  components  m  a  data  center 
This  eliminates  the  need  to  track 
changes  manually  and  can  speed  up 
troubleshoot  mg  efforts  m  the  event 
that  an  upgrade  causes  a  problem. 
Symantec  says  T he  software  also 
can  help  ensure  that  polices 
required  b>  regulations,  such  as  the 
Sarbanes  Oxley  Act  are  enforced 
with  related  systems,  the  company 
says 

■  PGP  announced  PGP  Command 

lire  9G.  file  encryption  v-i 
ware  T he  software  is  designed  to 
protect  tiles  regardless  of  where  A 
resides  R  runs  an  the  iBM  x  Series 
mamfreme.  as  wed  as  Red  Hat 
Enterprise  l mux  4.0  and  SuSE 
Lmux  Enterprise  Server  9 0.  PGP 
Commend  L  me  9jQ.  which  starts  at 
$2, MO.  a  expected  to  be  e% enable 
March  1 


BY  PHIL  MOCHMUTH 

Scaling  Ethernet  to  new  bright*  —  * 
much  as  lOOGbps  —  and  developing  I0G 
ElhemH  for  ct^Tper  winng  ami  internal  sys¬ 
tem  backplanes  were  among  the  chief 
ivum-s  at  last  week's  DesignCon  conference 
in  Santa  Qara 

Cust<  itikts  and  producers  of  OherM  vav 
the  need  lor  scaling  the  technology  to 
lOOGbps  and  kw  a  100  Cagahit  Ethernet 
vt.iiKl.irl  k  approaching  (astir  than  ex¬ 
pected  The  use  of  Ethernet  inside  corn  pul 
ers  amt  switch  i  havstv  and  I0G  Ethernet 
over  copper  could  result  in  pertownawca 
gains  and  cod  saving  k»  customers  of  coe 
|Miral<-  LAN  gear  in  the  near  future,  industry 
msidi-rs  say 

Breaking  100 

‘Its  tune  to  start  a  higher-H**ed  study 
group  in  the  IEEE.' savs  Mike  Bennett,  senior 
network  engineer  at  Lawrence  Berkley 
National  l.ab  (LBNL).who  spoke  at  a  100G 
Ethernet  (vane)  at  the  event  wtuch  mostly 
drew  members  of  die  component  and  sili¬ 
con  design  community 

Bennett  said  the  bandwidth  needs 
among  his  peers  at  other  US  Department 
of  Energy  la!  is  and  among  earner  networks 
will  soon  call  ku  a  lOOGbps  standard 
Current  use  of  I0G  Ethernet,  and  the  need 
to  aggregate  10C  lurks  are  driving  this 


Scientists  at  IBM  have  developed  a 
ctvpset  that  they  dam  e  capaote 
of  aAowmg  wvetees  devees  to 
operate  more  than  JO  tvnes  taster  than 
today’s  advanced  W*  f  <  networks. 

The  cNpeei  whec  uses  sAcon  garma 
mum.  e  dB&gned  to  operate  n  the  flD 
GHz  band  an  crAceneed  port  on  of  me 
radio  spectrum  that  can  be  used  to 
transport  data  ntensrve  formats  such  as 
hgh  defrvttm  letewsen  (HO TV).  t6M 

Elect rorncs  makers  ha«e  been  lookng 
lor  ways  to  expbt  the  part  of  the  rado 
spectrum  but  prevexa  chps  daeugned  to 
tap  as  potemai  have  been  too  large, 
expense  ana  dffcUl  to  rtegratt  *  tn 


Status:  i  jgectod  to  be  ratftd  if*  yv^tr 
icquiretnenL 

Then*  »  vrrv  support  in  the  design  com¬ 
munity  kir  Ethernet  to  Mkiw  tire  progn-v 
smn  of  SONET  technology's  trananunion 
speed,  as  IOC  Ethernet  development  stayed 
ckwe  to  SONETTXM92  specificatKim.  OC- 
76H.  at  around  -tOGbps,  is  tire  ranfied  high 
est-levd  spit'd  of  SONET  available  Bennett 
thinks  the  bamlwidth  needs  of  higfeend 
users  and  earners  will  exceed  -fOGbps  by 
the  tune  such  a  standards  effort  gets  into 
motion,  moving  to  IOOC  is  better  planning 
for  the  future 

*Weve  always  been  an  Ethernet  shop." 
Bennett  said  'Aid  our  wtiole  upgrade  plan 


other  products,  the  company  says 
U&ng  sAcon  germanium  technology 
aAows  a  Ngn  level  of  rxegrafon  m  the 
chps.  accordng  to  IBM  Antennas  can 
be  embedded  drecti/  into  the  chpeet 
heipng  to  reduce  system  coats. 

For  example,  a  sAcon  germanium 
cased  crvpset  rciuckng  recerier.  trace 
nutter  and  two  antennas,  void  occupy 
the  area  of  a  dm&  i  BM  says. 

The  teefroeg/  cc uKS  be  used  not  only 
r  me  office  erwronment  but  also  at 
tettng  an  igtcompreesed  HOTV 
be  tranemAted  *#eteeeiy  from  a 
DVD  payer  to  a  plasma  dep&y  mounted 
on  the  wal.  the  company  says. 

—  John  Blau,  IDG  News  Service 


»  hast'd  on  scaling  by  factors  of  10.  so  it 
wi  mid  |ust  U-  a  natural  pn  igrev>i<  >n  to  go  fo 
I00G  Ethernet* 

LBNI.  uses  several  I0G  links  in  its  data 
centers  to  aggregate  switch  connections 
anil  links  to  supercomputer  clusters,  used 
lor  computer-intensive  energy  research 

"Were  getting  to  Hie  point  where  I0G 
Ethernet  ls  taking  ofl.  and  at  some  point 
you’re  going  to  need  to  aggregate  those 
links,’  Bennett  said. 

Ethernet  inside 

Ethernet  also  »  catching  on  as  a  ba<  k 
plane  tecimology  lor  a  variety  of  gear,  uv 
cluding  blade-server  chassis,  core  IAN  and 
metropolitan- area  network  Ethemrf  switch¬ 
es  and  rrmters,  and  broadband  wireless 
and  DSL  access  equipment 

'Die  use  of  Etliernet  in  a  devw  ••  back 
plane  involves  the  transmission  of  traffic  in 
stan<W<hsued  Etliernet  frames  on  a  device 
backplane  which  interconnects  vanou* 
modules  ami  interface  components  of  a 
machine  (In  a  btwle  server,  tin-  Ethernet 
backplane  links  blades  with  a  shared  inter 
face,  in  twitches,  its  the  palli  traffw  fakes 
traveling  among  ports  on  diflerenf  •  rterface 
cards,  or  to  a  central  pac  ket  p rew  rig 
module)  In  2004.  tlie  HU  lap  T x-A  Ion  • 
was  formed  in  the  IEEE  to  help  Nan*  la/  • 
this  irnplernentatuxc 

According  to  Adam  Healey  a  n><  <  er  of 
tfe  technical  staff  at  chgerriax-  r  get* 
Systems  development  of  physn  al  wOen  *  < 
Nanda/ds  tor  bat  kpialte  fJheru*-»  »  y 
closet  Speaking  at  Design!  on.  Hea  s  » 
tlie  HU  lap  Task  Force  s  co»apl» 
details  of  KXXiBASfc-KX  ami  MM  ,c,  E  >  X I 
Sm  ftfeamU  p+i-  ll 


IBM  makes  fast  wireless  chips 

Big  Blue  designs  chipset  to  operate  in  60GHz  band. 


22  •  www.networkworld.com  •  2.13.06 


Symantec  to  offer  online  protection 


BY  ELLEN  MESSMER 

Though  the  technology  still  may  be  in  the 
lab,  Symantec  says  its  plans  include  the 
delivery  of  online  protection  services  that 
prevent  phishing  and  identity  theft  while 
also  warning  customers  about  spyware- 
infested  Web  sites. 

The  security  firm  hopes  to  have  an  anti¬ 
phishing  service  ready  by  this  fall  that 
would  monitor  users’  PCs  to  detect  any 
attack  to  lure  them  onto  a  fake  Web  site, 

SECURITY 

Subscribe  to  our  free  newsletter. 

DocFinder:1017  www.networkworld.com 


says  Tom  Pbwledge,  director  of  product 
management  at  Symantec.  The  service, 
which  Symantec  has  code-named  Genesis, 
will  greatly  depend  on  how  successful 
Symantec  is  in  developing  client  software, 
delivered  as  a  service,  which  would  stop 
and  block  phishing  attacks  based  on  look¬ 
ing  at  tricks  in  a  Web  site’s  URL  and  page 
contents. 

“We  would  use  a  form  of  heuristics  to 
determine  a  fraudulent  Web  site,”  Fbwledge 
says. 

The  anti-phishing  service  would  entail  a 
real-time  determination  if  a  visited  page  is 
trying  to  imitate  a  real  Web  site.  If  the  page 


is  determined  to  be  a  fake, Symantec  would 
immediately  provide  an  on-screen  warning 
blocking  the  site  and  giving  the  user  the 
opportunity  to  get  further  information 
through  online  chat,  e-mail  or  phone. 

Symantec’s  second  related  security  initia¬ 
tive,  dubbed  Security  2.0,  would  entail 
Symantec  issuing  real-time  warnings  to 
users  that  visit  Web  sites  with  undesirable 
content  such  as  spyware  or  adware. 

“Our  vision  of  the  future  is  that  you’ll  see 
either  ‘safe  site’  or  ‘unsafe  site,’”  Fbwledge 
says.  Symantec  will  make  these  determina¬ 
tions  based  on  constantly  scouring  the  Web 
with  crawlers  to  look  at  site  contents  and 


activities,  while  also  checking  digital  certifi¬ 
cates  for  authenticity 

Symantec  also  is  mulling  establishing 
“community  credibility  ratings"  for  Web 
sites.  Fbwledge  says  the  goal  is  to  guarantee 
a  trusted  search  experience  to  subscribers 
of  the  company’s  future  services. 

Accomplishing  these  ambitious  projects 
and  turning  them  into  commercial  service 
offerings  will  require  Symantec  to  work 
with  e-commerce  providers,  online  banks 
and  possibly  other  partners.  Symantec 
gained  some  of  the  software  technology  for 
the  online  security  services  through  its 
acquisition  last  year  of  WholeSecurity  ■ 


Anti-virus  vendors  target  network-access  control 


BY  ELLEN  MESSMER 

SAN  JOSE  —  Anti-virus  software 
rivals  McAfee  and  Symantec  are 
going  toe-to-toe  again  as  they 
both  unveiled  network-access 
control  products  at  the  RSA  Con¬ 
ference  last  week. 

Expected  to  ship  in  mid  March, 
McAfee’s  Policy  Enforcer  1.0  will 
include  Windows-based  desktop 
client  software  to  let  customers 
enforce  endpoint  security  by 
having  the  Windows-based  Policy 
Enforcer  server  check  for  updat¬ 
ed  patches,  anti-virus,  firewall 
and  unauthorized  applications 
before  allowing  a  user  onto  the 
network.  The  server  component 
also  will  be  available  as  a  soft¬ 
ware  module  that  can  run  in 
McAfee’s  management  console, 
eFblicy  Orchestrator. 

The  goal  is  not  just  to  enforce 
patch  and  anti-virus  updates,  says 
Eric  Winsborrow,  McAfee  vice 
president  of  product  marketing. 
“We’re  also  going  to  be  able  to 
check  for  the  existence  of  infec¬ 
tions  like  Sasser  or  Zotob  or  bot¬ 
nets  before  allowing  the  machine 
onto  the  network.” 

“We  need  to  have  a  better  con¬ 
trol  over  the  assets  in  our  net¬ 


work,”  says  Andre  Gold, director  of 
information  security  at  Contin¬ 
ental  Airlines  in  Houston.The  firm 
is  beta-testing  McAfee’s  Policy 
Enforcer,  with  the  prospect  that  it 
may  be  rolled  out  in  the  organi¬ 
zation  later  this  year  as  a  way  to 
better  prevent  virus  and  worm 
infestations. 

If  a  desktop  doesn’t  pass  inspec¬ 
tion,  Policy  Enforcer  will  quaran¬ 
tine  it  to  facilitate  a  remediation 
process  so  that  the  user  can  meet 
the  security  policy  and  gain 
admittance  to  the  network. 
McAfee’s  product  also  will 
include  a  Windows-based  scan¬ 
ner  to  perform  network  discovery 
and  determine  what  devices  are 
coming  onto  the  network. 

Symantec  is  targeting  the  same 
segment  with  it’s  Symantec  Net¬ 
work  Access  Control  Enforcer 
appliance,  a  hardware-based  ver¬ 
sion  of  the  Sygate  Enterprise  Pro¬ 
tection  software  product  it 
received  through  the  acquisition 
of  Sygate  Technologies  last  year. 

The  appliance,  expected  to  ship 
in  April,  will  include  a  desktop 
software  agent  for  Windows-based 
computers  that  will  perform  a 
wide  variety  of  host-integrity 


checks,  says  John  Brody  senior 
director  of  product  management. 

The  Symantec  Network  Access 
Control  Enforcer  appliance  will 
check  for  anti-virus  and  ensure 
that  required  software  patches  are 
installed. 

Whether  deployed  on  a  LAN 
segment  or  behind  the  VPN 
gateway,  it  also  will  be  able  to 
scan  machines  that  may  not 
have  the  host-based  agent  on  it. 
“It  will  be  able  to  download  an 
on-demand  agent  to  a  visiting 
machine  to  scan  it  in  a  host- 
integrity  check,” says  Sijay  Desai, 
Symantec’s  director  of  product 
management. 

McAfee  and  Symantec  each  has 
its  own  approaches  to  network- 


Ethernet 

continued  from  page  21 


access  control,  but  the  question 
arises  how  their  products  may  fit 
into  the  Cisco  and  Microsoft  tech¬ 
nical  frameworks.  Cisco’s  Network 
Admission  Control  (NAC)  relies 
on  Cisco  switches  and  routers  as 
the  policy-enforcement  point. 
Microsoft’s  Network  Access  Pro¬ 
tection  (NAP)  is  in  beta  with  the 
Vista  operating  system. 

Symantec  and  McAfee  say  their 
products  do  support  Cisco’s  NAC 
and  they  intend  to  support 
Microsoft  NAP  as  the  beta-testing 
program  for  it  concludes,  proba¬ 
bly  later  this  fall.  Both  also  say 
they  will  back  the  emerging 
open  network-access  control 
specification  called  Trusted  Net¬ 
work  Connect  from  the  Trusted 


Computing  Group. 

Neither  McAfee  nor  Symantec 
have  released  pricing  for  their  net- 
work-access  control  products.* 


nww.com 

Security  event 

Looking  for  better  security  solutions? 
Need  an  integrated  strategy?  Attend  a 
Network  World  U  Road  Map  event  com¬ 
ing  to  Boston,  Chicago,  Dallas,  and  the 
Bay  Area.  One  day.  Six  tracks.  And  40  IT 
all-stars,  analysts,  vendors,  end  user 
case  studies  ready  to  work  for  you. 

DocFinder:  2024 


and  10GBASE-KR;  these  are  Gigabit  Ethernet  and  two 
10G  Ethernet  specifications,  respectively  for  running 
Ethernet  a  distance  up  to  around  3  feet,  using  a  four- 
lane  printed  copper  interconnect. 

According  to  the  standards  crafters,  the  use  of 
Ethernet  in  backplanes  would  let  component  mak¬ 
ers  create  products  at  lower  cost,  because  there  is  no 
need  to  create  a  new  technology  for  moving  data  in¬ 
side  of  a  box,  when  Ethernet  is  already  an  estab¬ 
lished  standard  for  moving  data  outside  a  device 
over  wires. 

Standardizing  Ethernet  technology  could  pave  the 
way  for  more  interoperability  among  components, 
although  observers  say  a  level  of  component  plug- 
and-play  similar  to  that  in  the  PC  hardware  market  is 
unlikely  Official  sanctioning  of  the  802.3ap  standards 
by  the  IEEE  is  anticipated  in  about  a  year. 

Closer  to  copper 

More  readily  affecting  users  is  the  standards  effort 


behind  10G  Ethernet  over  unshielded  twisted-pair 
(UTP)  cabling.  IEEE  ratification  of  the  lOGBase-T 
standard  is  expected  this  summer.  With  the  technical 
standards  pretty  much  set  for  the  technology,  the 
issues  of  powering  lOGBase-T  ports  in  large  densities 
is  among  the  challenges  left  for  vendors  bringing 
products  to  market, according  to  Paul  Langner, direc¬ 
tor  of  systems  and  validation  engineering  for 
Aquantia,  which  makes  10G  Ethernet  chips. 

Langner  said  the  greater  electrical  output  lOGBase- 
T  requires  will  be  a  challenge  for  switch  vendors. 
Also,  controlling  jitter  on  copper  wires  running  10G 
Ethernet  will  be  an  obstacle  for  switch  designers, 
because  signal  noise  on  UTP  cabling  is  pushed  to 
the  theoretical  limits  of  the  medium  with  lOGBase-T. 

LBLN’s  Bennett  said  most  of  his  facility’s  high-speed 
links  are  fiber  based.  But  copper  10G  Ethernet  could 
be  useful  as  more  server  and  cluster  nodes  begin  to 
support  that  speed  of  Ethernet. 

“One  of  our  data  denters  is  looking  to  connect  [ser¬ 
vice  cluster]  elements  at  10G  soon,”  Bennett  said.“By 
the  time  that’s  ready  for  production,  lOGBase-T 
might”  be  the  right  technology  for  doing  that.  ■ 


NEWS  ALERTS 

Hate  hunting  for  stories  on  a  specific  topic?  Let  the  news  come  to  you  with 
Network  Worlcfc  latest  news  alerts  —  with  focuses  on  security,  financials, 
standards,  trade  show  news  and  vendor-specific  news. 

vww.networkworid.com  Sign  up  today  DtcTafcr.  1M2 

1 


with  Intel  built  in,  CME  has 


mome 


uilt  in 


K 


N  At  Chicago  Mercantile  Exchange,  the  world s  largest  and  most  diverse  financial  exchange, 
business  is  growing  rapidly  The  proof?  Nearly  four  and-a-half  million  contracts  traded  per  day  -  up  more  than  thirty-five 
percent  in  a  year  Powerful  64 ^>t  Intel*  Xeon'  processor-based  servers  and  Intel's  vast  software  ecosystem  support 
CME  s  staggering  growth  CME  can  quickly  accommodate  rising  trade  volumes  while  adding  new  technology  services  for 
customers  The  move  to  Intel-based  solutions  is  delivering  a  five-fold  performance  increase  over  legacy  RISC  platforms,  h 
it  time  tor  your  organization  to  trade  up?  Read  about  CME's  burft-m  advantages  at  mtetcom/budtia 


P 


Xeon 


in  Sid# 


\  ' 


MULTIPLE  PHONE 
ARE  A  HASSLE  EVERYONE 


WITH  AVAYA  IP  TELEPHONY,  JUST 
ONE  NUMBER  CAN  REACH  YOU 
ANYTIME,  ANYWHERE. 


AVAyA 


COMMUNICATIONS 
AT  THE  HEART  OF  BUSINESS 


Discover  What’s  Possible.  Register 

for  the  Virtual  Technology  Summit 
at  avaya.com/vtechsummit 


ii«aa«Vi 

VIRTUAL 
TECHNOLOGY 
SUMMIT  2006 


FIRST  500  REGISTRANTS  WILL  RECEIVE 
A  SWISS  ARMY™  USB  LOADED  WITH 
VALUABLE  INSIGHTS 


2.0.06  •  «r*w  *  **  •  ’*S 


ENTERPRISE  C0MP1IT1NC 

■  WINDOWS  ■  LINUX  ■  SERVERS  ■  STORAGE  •  GRID/UTILITY  ■  MOBILE  COMPUTING 


NetApp  dives  into  virtual  tape  pool 


•V  DENI  CONNOR 

Nrfwi  «k  AppUanc  r  last  week  yaned  ctxn- 
patws  ohenng  virtual-tape  library  ajn»ln 
•mn  •eekiriR  to  differentiate  itvHI  with 
load  balancing  and  lajw  optimization 
The  company  amviurKixl  two  disk -based 
ajijiliarx  <•%  —  ttie  NearStore  VTlfiOO  and 
VTL1200  —  that  sdorr*  as  much  as  IbKTB  of 
data  The  pmdiKtv  an*  based  on  lechnol 
orv  otHamed  via  Network  Afipiiancek  buy¬ 
out  la*fl  war  <  if  Alac  ntus 
bkr  makers  of  other  virtual-tafx*  libraries. 
Network  \|>|»Ii.hk«-  um-s  disk  instead  of 
tape  to  back  up  and  recover  data  I  aster  and 
save  on  media-acquisrtKxi  costs  and  floor 


space  occupied  by  spacious  tape  libraries 
The  NearStore  VTL600  has  a  single  con¬ 
troller.  while  the  VTLI200  has  two  As 
data  gets  older,  the  devices  can  copy  it 
directly  to  physical  tape 
The  NearSton*  VTLs  work  with  tradi¬ 
tional  backup  software  from  BakB*xie. 
CA.  CommVault.  HP  Legato.  Symantec. 
Syncsort  and  Tivoli  They  work  with  tape 
hbranes  from  ADR'.  IBM.  L/uantum  arK^ 
Sun  The  applianc  es  can  back  up  data  on 
any  vendor  »  open  systems  storage  device, 
the  company  says 

The  VTL  ts  an  opportunity  kx  tfiem  to 
break  out  into  heterogeneous  environ¬ 


ments.'  says  Stephanie  Balaouras.  senior 
analyst  at  Rxrwer  An  existing  NearStore 
archiving  .g>f>liaixe  b  design*  *d  hx  use  with 
•Xher  Network  Appliance  ge.ushe  says 
Many  storage  companies  haw  embraced 
virtual  lap**  libraries  as  a  way  to  quickly 
hack  up  and  recover  data  Among  them  are 
large  storage  and  systems  vend*xs.  such  as 
EMT.IBM  and  HPand  a  host  of  smaller  and 
newer  companies,  including  Copan 
Systems.  Diligent.  Duta  Domain.  FakixiStor. 
Maxxan.  Neartek  and  Sefiatixi 
Unlike  such  competitors  as  EMC* 
ClanKXi  Disk  Library  «x  IBM*  Virtual  Ta(>e 
Sm  Notwork  Appliance,  page  28 


Network 
Appfiance  goes 
virtual 

The  NearStore  VTL. 
which  emulates  the 
operations  of  a  tape 
library,  can 
accommodate  as 
much  as  168TB  of 
data 


SWsoft  virtualization  targets  high  availability 


•V  JENNIFER  MEARS 

.SWsoft  Iasi  week  announced  ufigraded 
Lmux-based  software  that  it  savs  enatXes 
customers,  to  move  a  virtual  server  and  its 
contents  to  a  new  physical  server  without 
srrvKe  interruption 

Ttie  company  takes  a  different  approach 
to  server  virtualization  than  such  com 
(KdtUxs  as  VMware  and  Microsoft  whose 
products  work  at  the  hardware  level, 
enabling  multiple  operating  systems  to 
run  on  a  single  physical  machine  With  the 
SWsoft  product. called  Y’lrtuozzn  kx  Linux 
3.0.  multiple  virtual  servers  run  on  top  of  a 
single  operating  system  Its  virtual  servers 
are  software  files  that  include  memory 


Short  Takes 


■  Microsoft  is  sTwythenirig  »n*.tr> 
to ctuH  property  protection  for  mpnu 
fact vxwrs  and  CkStrtxRor*  usioq  Ss 
soft  w  are  Microsoft  hts  mmcwea  a 
.  ap  on  some  tagai  costs  tor  oompa 
nets  that  use  or  anar  season  code  n 
vVr  oows  Embedded  and  AVrxws 
Moore  software  platforms.  Costs 
oewaned  t>)  the  move  would  ncide 
patent  copy  gnt  trackman*  ano 
trade  saerst  dawns.  Mcroeoft  sac 
about  4aX>  oomparwas  use  amoaoaao 
or  moore  software 


I/O.  configuration  files  and  more 
With  V^rtuozzu  kx  Linux  3.0.  users  can 
move  virtual  servers  among  physical 
machines  without  having  to  share  storage 
says  CEO  Serguei  Bel*  hiv*  a 
The  migration  c  apability  better  positions 
SWsoft  kx  enterpnse  data  centers,  ana¬ 


lysts  say  VMware,  kx  example,  has  offered 
similar  technology  with  VMotion  for  more 
than  two  years 

'What  these  [companies]  are  doing  now 
ts  they  re  trying  to  go  from  kx  using  on  con- 
solidatxx)  and  trying  to  me reuse  the  utiliza¬ 
tion  of  a  single  server  to  more  value-added 


features,’  says  Scott  Donahue,  a  vice  presi¬ 
dent  at  Tier  I  Resedich.*Whal  VMotion  does 
and  wliat  SWv  >ft  is  doing  here  is  they  re 
building  in  fault  toieraixe  and  high  avaik 
ability  by  being  able  to  move  virtual  servers 
between  physical  machines.* 

Wliile  SWsoft  has  targeted  servi*  *•  pro- 
viders  in  the  past, 'now  that  they  have  this 
portability  feature,  they  II  b*-  able  to 
approach  die  enterprise  more  ixi  par  with 
srxne  of  die  more  traditional  player*  like 
VMware  and  Microsoft,*  he  says 

Other  updates  in  Virtuozzo  kx  Linux  3.1) 
include  easy-to-use  templates  kx  proviMcxv 
trig  virtual  servers,  streamline*]  resource 
management  to  create  and  manage  virtual 
servers  and  suppixt  kx  Linux  disinbutKXM 
based  on  die  2.6  kernel,  including  Red  Hal 
Enterprise  Server  4  0 

In  addition  to  up*lanng  its  Linux  prod¬ 
uct,  SW*.»ft  rolled  out  Virtuozzo  tor 
Winck/ws  3  5  1.  which  adds  a  number  of 
enhancements  inc  luding  a  toil  enabling 
physicaMo-virtual  migration  Tnat  r*x>l 
slashes  the  time  involved  wiir.  -  reafing 
virtual  servers  from  as  long  as  *1.  v  Ur  |ust 
minutes  Beloussov  says  Upd-  n  die 
Windows  side  inc  lude  enharu  *  1 ,  -dor  us¬ 
ance  kx  rneirxxy  accent  and  mi  xt  kx 
Microsoft  Win* lows  Server  2M  J  R>rk-ase  2 
and  Mi*  r*jftof»  Small  Busin*-*-.  *-fw-r  2tJlJ3. 

Virtuozzo  kx  Linux  '5.0  and  .  r  -/o  kx 
Windows  5  5  I  start  ai  Sib*  *-r  t  PU 
socket  Virtu* /zzo  Managri  t*n  f  m**»  are 
priced  at  SI  <XJ0  per  s ear  kx  an  ur  united 
number  of  servers  ■ 


Zero  downtime 

SWsoft  s  Vrtuozzo  for  Lmux  10  enables  running  virtual  servers  to  be  moved 
among  physical  machnes  without  rterrupton. 


*a  >rl  u  i*  vv  i 


IVi 
drspuis  dt 
arwrsmmr 
jstulttf  rrja  xrw 
hrrvf  Mthm. 


LbtfS  *efca  i  1TJA  *efW  it. 
'Sti  rnkate  'jj  rmr  pfvsca 
ferwr  c  maid  be  mured 

"  ~1 

— *- 

T 


Xtctr  >  irja  | 
StTMT  tfkUS  5CR  4  M 
•\rirx  l/tg  ;t 


1  r^n 


X 

.  • 

0 

• 

P 

J 


Your  potential.  Our  passion 


Microsoft 


A  Company  Tracking  9  Million  Container  Moves  a  Year. 

Running  on  Microsoft  SQL  Server  2005. 


Memberof 


D-ALCSB 


Jettainer  manages  shipping  containers  for  Lufthansa  and  US  Airways  on  3,000 
flights  to  400  airports  every  day.  To  keep  up  with  a  database  growing  at  30%  a 
year,  they  upgraded  to  SQL  Server™  2005.  See  how  at  microsoft.com/bigdata 


Microsoft* 

Windows 
Server  System 


28  •  www.networkworld.com  •  2.13.06 


IBM  touts  higher  Power6  clock  speeds 


BY  SHELLEY  SOLHEIM, 

IDG  NEWS  SERVICE 

IBM  last  week  detailed  new  cir¬ 
cuit-design  techniques  that  it  says 
will  double  the  clock  speed  of  its 
forthcoming  Power6  processors 


over  the  speed  of  its  Power5  pro¬ 
cessors  without  dramatically  in¬ 
creasing  power  requirements. 

The  multicore  FbwerO,  due  next 
year,  will  run  at  speeds  of  more 
than  4GHz,  says  Brad  McCredie, 


chief  engineer  of  Fower6  for  IBM. 
Power5  operates  at  clock  speeds 
in  the  1.9GHz  range. 

IBM  says  it  took  a  holistic 
approach  in  its  techniques  to  im¬ 
prove  speed  while  keeping 


power  requirements  down. 

“There  are  as  many  as  eight  lay¬ 
ers  in  an  average  power  chip,  and 
IBM  appears  to  have  used  just  the 
right  technology  that  gave  them 
the  fastest  speed  and  least  heat 


.  •  -  ..  .... .  « .. 

■  "  >-  -  : 

'  'T.  ■  ‘  >  '  ■  • 

It  Life  Sciences.  gar** 

^  the  Drug  Discovery 

Pipeline 

Indispensable  Technologies  Driving  Discovery.  Development,  and  Clinical  Trials  /  .  -SRi  % 

...  .  :  .  2  -  y 

APRIL  3-5,  2006  |  SHERATON  BOSTON  HOTEL  |  BOSTON,  MA 


Massachusetts  Biotechnology  Council  I  BioTT World 


Indispensable  Technologies  Driving  Discovery,  Development,  and  Clinical  Trials 


r  »tus  *°°6  ,  °te 
aau 

($9gDati°n  °/.Sct 


Join  us  at  the  fifth  annual  Bio-IT  World  conference  -  the  premier  event 
for  life  science  and  IT  professionals  in  pharmaceutical,  biotech  and  academic 
organizations  -  at  the  Sheraton  Boston  Hotel,  April  3-5,  2006. 


Life  Sciences  Conference  +  Expo  is  produced  by  Bio-IT 

World  in  partnership  with  the  Massachusetts 

Biotechnology  Council  (MBC). 

This  year  in  Boston,  you'll  discover: 

•  The  latest  technology  developments  and  research 
breakthroughs  on  a  complete  spectrum  of  topics  - 
from  drug  discovery  to  clinical  trials 

•  How  pharma  and  biotech  companies  use  and  procure 
technology  to  enhance  target  identification,  improve 
drug  discovery,  expedite  clinical  trials  and  speed  time 
to  market 

•  A  world-class  three-day  conference  program, 
keynotes,  expert  speakers,  award  presentations  and 
educational  workshops 

•  An  expo  floor  with  a  full  array  of  products  and 
services  from  life  science  equipment  to  information 
technologies 


The  2006  Keynote  Addresses: 


Ray  Kuizweil,  Ph.D. 

legendary  Inventor 
and  Author  of 
The  Singularity  is  Near 


Kari  Stefansson,  M.D. 

Founder/CEO 
DeCODE  Genetics 
Iceland 


Allen  Roses,  M.D. 

Senior  Vice  President 
of  Genetics  Research 
GlaxoSmithKline 


Life  Sciences  Conference  +  Expo  features  four  primary 
conference  tracks: 

Complemented  by  several  instructional  workshops, 
where  bioscience  executives,  IT  professionals  and 
scientists  will  learn  how  to  utilize  technology  and 
informatics  to  more  effectively  create,  store  and  analyze 
data.  The  result:  accelerating  the  R&D  process  and 
speeding  time  to  market. 

•  Genomic  Medicine  and  Technology 

The  post-genome  era  is  being  shaped  by  dramatic 
advances  in  new  technology,  particularly  in  the  areas 
of  DNA  sequencing,  protein  analysis  and  microarray 
gene  profiling.E-Clinical  Research  and  Trials 

•  IT/Informatics  Solutions  for  Drug  Discovery 

This  track  will  examine  the  critical  ways  in  which 
organizations  are  deploying  information  technology 
and  informatics  solutions  to  further  drug  discovery. 

•  E-Clinical  Research  and  Trials 

This  track  explores  the  impact  of  technology  on  the 
costly  and  time-consuming  process  of  gathering  and 
analyzing  data  in  (and  after)  clinical  trials. 

•  The  IDG  Venture  Summit 

This  annual  track,  co-organized  by  Ernst  &  Young,  is 
a  compelling  one-day  event  that  unites  the 
biopharma  and  investment  communities.  The  track 
will  provide  expert,  in-depth  analysis  on  the 
investment  landscape  for  both  the  biotech  and 
biopharma  technology  industries. 


Join  us  for  all  this,  along  with  instructional  workshops,  special  awards  ceremonies,  and  much  more! 


t§Ll 


Register  by  February  17th,  2006  to  Save  (use  Priority  Code  BTR240). 
60  to  www.lifesciencesexpo.com  or  Phone  805-677-4295 


needed  in  each  layer,”  says 
Richard  Doherty  research  director 
for  the  Envisioneering  Group. 

IBM’s  move  to  higher  frequen¬ 
cies  in  its  next-generation  designs 
is  a  departure  from  the  strategy  of 
its  competitor  Sun,  which  has 
focused  on  moving  to  multicore 
processors  and  lower  clock 
speeds  as  a  way  to  keep  power 
and  heat  in  check.  ■ 


Network  Appliance 

continued  from  page  27 

System,  the  NearStore  VTLs  use  a 
self-tuning  technology  to  balance 
workload  to  their  physical  disks. 
They  also  have  a  technology 
Network  Appliance  calls  Tape 
Smart  Sizing,  which  allows  the 
VTL  to  save  as  much  as  50%  of  the 
media  used  during  backup  to 
tape  library  operations. 

“The  NearStore  VTL  lets  admin¬ 
istrators  create  tapes  in  native 
format  of  the  backup  application 
if  you  need  to  recover  from  tape 
in  the  future,”  Balaouras  says.  “It 
also  supports  a  one-to-one  map¬ 
ping  of  virtual  to  physical  tapes, 
so  they  can  optimize  the  com¬ 
pression  of  data  on  tape  and 
increase  efficiency’ 

Virtual-tape  library  technology 
is  popular  in  mainframe  environ¬ 
ments,  where  it  can  save  floor 
space  and  media-acquisition 
costs.  IBM,  Sun  and  Diligent  offer 
mainframe-based  virtual-tape 
products,  and  Sun  has 
announced  its  intention  to 
expand  its  Virtual  Storage 
Manager  into  open  systems. 

NearStore  VTLs  start  at  $1 14,000 
for  a  4.5TB  system. 

Network  Appliance  also  intro¬ 
duced  services  to  complement 
the  NearStore  VTLs.The  services 
include  design  and  implemen¬ 
tation  of  virtual  tape  libraries, 
disaster  recovery,  and  backup 
and  recovery. 

Separately,  the  company 
announced  a  security  appliance 
for  IP-based  storage  environ¬ 
ments.  The  Decru  DataFort  E- 
Series  3.0  supports  iSCSI  storage- 
area  networks  and  incorporates 
the  Common  Internet  File  System 
and  Network  File  System.  The 
firmware  includes  enhanced  anti¬ 
virus  support,  role-based  access 
controls  and  expanded  key  man¬ 
agement.  The  encryption  option 
Tor  iSCSI  costs  $1 0,000.  ■ 


2.13.06  •  www.networkworid.com  •  29 


APPLICATION  SERVICES 

I  CRM  ■  MESSAGING/COLLABORATION  »  WEB  SERVICES  ■  ERP  IS  E-COM  li  NETWORK  AND  SYSTEMS  MANAGEMENT 


Tools  address  security  concerns 

Vendors  launch  products  to  collect  logs  and  ensure  compliance. 

Sizing  up  security 

Security  management  vendors  are  pumping  their  products  full  of  compliance, 
automation,  real-time  reporting  and  storage  features  to  help  IT  managers 
better  automate  the  process  of  collecting  and  analyzing  security  data. 


Company 

Product 

Features 

e-Security 

Sentinel  AP 

Device  that  offers  the  company's  enterprise-scale  software  for 
monitoring  and  reporting  security  and  compliance  events  to  small 
and  midsize  customers. 

Network 

Intelligence 

Event  Explorer 

Static  dashboard  that  is  constantly  updating  as  event  data  is  collected, 
letting  network  managers  analyze  this  data  in  real  time. 

ScriptLogic 

File  System  Auditor 

Product  that  audits,  reports  and  shows  alerts  about  Windows  file 
server  activity,  showing  who  touched  which  files  and  folders,  when 
and  on  what  server. 

TriGeo 

Security  Information 
Manager 

Appliance  that  integrates  USB-Defender  for  removable  storage 
management  and  enhances  the  console  for  event  analysis  and 
visualization. 

Short  Takes 


■  LogLogic  last  week  unveiled  the 
first  version  of  its  LogLogic  3  soft¬ 
ware  that  logs  information  for  and 
keeps  track  of  all  e-mail  messages 
running  on  Microsoft's  Exchange 
Server.  The  update  adds  support  for 
logging  transport  data  and  metadata 
about  e-mail  transmissions  on 
Exchange,  but  stops  short  of  logging 
e-mail  content  information,  the  com¬ 
pany  says.  In  this  way,  it  protects  any 
private  information  stored  in  the 
message,  but  lets  IT  administrators 
see  who  has  sent  and  received  mes¬ 
sages  and  when,  and  also  lets  them 
track  patterns  in  user  e-mail  activity. 
The  company  plans  to  support  log¬ 
ging  of  e-mail  from  IBM's  Lotus  Notes 
software  in  a  future  release.  LogLogic 
3  ships  on  the  LogLogic  LX  and  ST 
appliances,  and  can  run  alongside 
other  servers  in  a  network.  The  LX 
appliance  provides  real-time  alerting 
and  agile  reporting;  the  ST  appliance 
contains  raw,  unfiltered  log  data 
archives  that  can  be  searched  using 
algorithms  similar  to  those  Google 
uses  in  its  search  engine,  according 
to  the  company.  The  appliances  can 
be  purchased  together  for  $40,000. 
The  update  also  is  available  for  free 
to  current  customers  with  an  active 
maintenance  agreement  with 
LogLogic. 

■  Softricity  last  week  announced  a 
partnership  with  Microsoft  to  inte¬ 
grate  with  that  company's  Systems 
Management  Server.  Softricity's 
SoftGrid  software  lets  remote  work¬ 
ers  access  a  company's  centrally  run 
Windows  applications,  streaming  to 
the  user  only  the  code  required  to  run 
the  applications  and  having  the  code 
execute  in  a  secure  cache.  Softricity 
will  produce  a  specific  version  of  its 
product  —  SoftGrid  for  Microsoft 
SMS  2003  —  to  provide  integration 
with  Microsoft’s  systems  manage¬ 
ment  software.  With  it,  SMS  2003 
users  will  be  able  to  virtualize  and 
stream  applications  to  any  desktop 
computer  specified  by  company  poli¬ 
cies.  The  partnership  is  nonexclusive 
and  will  involve  joint  sales  and  mar¬ 
keting  efforts. 


BY  DENISE  DUBIE 

Faced  with  regulatory  compliance  re¬ 
quirements  and  grueling  audits,  network 
managers  are  turning  increasingly  to  secu¬ 
rity-event  management  systems  to  detect 
when  policies  have  been  breached. 

SEM  products  —  from  e-Security  Network 
Intelligence,  ScriptLogic.TriGeo  and  others 

—  have  data  aggregation  and  event  corre¬ 
lation  features  similar  to  those  in  network 
management  software.  These  products 
automate  the  manual  process  of  collecting 
event-log  data  from  file  systems,  security 
appliances  and  other  network  devices  such 
as  firewalls,  proxy  servers,  intrusion- 
detection  systems,  routers  and  switches, 
and  anti-virus  software. 

With  upgraded  releases,  the  vendors  are 
separately  augmenting  their  suites  with 
advanced  reporting,  additional  storage 
capacity  and  new  form  factors  to  enable 
smaller  customers  to  roll  out  SEM  tools. 

E-Security  and  Network  Intelligence  are 
set  to  unveil  this  week  their  latest  products 
at  the  RSA  Conference.  E-Security  has  taken 
the  technology  of  its  Sentinel  enterprise 
level  software  and  put  it  into  an  appliance 

—  the  Sentinel  AP  —  designed  for  faster 
installation  and  easier  ongoing  mainte 
nance  by  small  to  midsize  customers  or 
remote-office  deployments.  Network 


BY  JEREMY  KIRK,  IDG  NEWS  SERVICE 

One  of  the  buzzwords  of  business-intelli¬ 
gence  software  —  analytics  —  has  been 
through  the  linguistic  grinder,  with  vendors 
and  customers  using  it  to  describe  very  dif¬ 
ferent  functions. 

The  term  can  cause  confusion  for  enter¬ 
prises,  especially  as  they  consider  business- 
intelligence  products  from  vendors  that  use 
the  word  analytics  to  mean  different  things, 
said  Andreas  Bitterer,  a  Gartner  research 
vice  president,  in  a  presentation  last  week 
at  the  company’s  business-intelligence  con¬ 
ference  in  London. 

“It’s  fairly  interesting  [to  see]  who  is 
actually  positioning  themselves  as  a  ven¬ 
dor  who  can  provide  the  ability  to  do 
analytics,”  Bitterer  said. “And  again,  what¬ 
ever  they  mean  by  [analytics]  is  still 
fairly  unclear.  If  you  believe  some  of  the 


Intelligence  is  adding  a  module  to  its 
EnVision  software  suite  that  will  let  cus¬ 
tomers  get  security  events,  compliance  sta¬ 
tistics  and  reports  via  a  management  dash¬ 
board.  ScriptLogic  last  week  introduced  File 
System  Auditor,  software  that  helps  cus¬ 
tomers  collect  filesystem  logs  and  compare 
changes  or  actions  against  preset  policies. 

“The  learning  curve  for  security  manage¬ 
ment  tools  is  so  steep  that  these  vendors 


marketing  and  PR  ...  it  is  just  fluff.” 

When  Gartner  conducted  an  informal 
survey  among  users  about  what  the  term 
means,  the  answers  ranged  from  online 
analytical  processing,  to  monitoring  call 
centers,  to  reporting  and  data  mining, 
Bitterer  said. 

The  responses  “were  completely  all  over 
the  place,”  he  said,  adding  that  after  the  sur¬ 
vey  the  research  firm  had  more  questions 
than  answers. 

Gartner  has  created  its  own  definition: 
“Analytics  leverage  data  in  a  particular 
functional  process  (or  application)  to 
enable  context-specific  insight  that  is 
actionable.”  It  can  be  used  in  many  indus¬ 
tries  in  real-time  data-processing  situations 
to  allow  for  faster  business  decisions, 
Bitterer  said.  For  example, a  customer  trying 
to  withdraw  money  from  a  cash  machine 


will  have  to  continue  to  broaden  their 
reach  with  security  controls  and  IT  poli¬ 
cies,”  says  George  Hamilton,  director  of 
enterprise  computing  and  networking  at 
The  Yankee  Group. 

Industry  watchers  speculate  that  SEM 
vendors  and  the  IT  duties  the  software  per¬ 
forms  will  be  absorbed  eventually  by  larger 
management  and  security  vendors  —  for 

See  SEM,  page  30 


shows  analytics  in  action:  The  data  being 
leveraged  is  a  bank  account  balance,  the 
process  is  the  withdrawal,  the  context-spe¬ 
cific  insight  is  the  fact  that  the  customer  has 
no  overdraft  protection,  and  the  action  is 
the  confiscation  of  the  debit  card. 

Analytics  is  different  from  business  intelli¬ 
gence,  although  business-intelligence  prod¬ 
ucts  play  a  role  in  analytics.  Oracle, 
Microsoft  and  SAP  have  no  apparent  defin¬ 
ition  of  analytics,  though  they  toss  the  word 
around  frequently.  Bitterer  said.  For  cus¬ 
tomers  trying  to  decide  how  the  various 
definitions  align, “just  grill  [the  vendors]  on 
that, because  it’s  kind  of  meaningless  if  they 
sit  on  a  term,”  he  said. 

Despite  the  ambiguities,  those  vendors, 
along  with  Siebel  Systems,  appear  to  be  the 
best-suited  for  providing  analytics  capabili¬ 
ties,  Bitterer  said.  ■ 


‘Analytics'  not  always  what  it  seems 


30  •  www.networkworld.com  •  2.13.06 


NET  INSIDER 


Scott  Bradner 


The  Senate’s  Commerce  com¬ 
mittee  last  month  heard  propos¬ 
als  that  would  enable  the  FCC  to 
require  recording  and  playback 
equipment  to  obey  copying  and 
reproduction  restrictions  indi¬ 
cated  by  a  “broadcast  flag”  imbed¬ 
ded  in  audio  or  video  content. 

These  proposals  were  before 
Congress  because  the  courts 
kicked  out  the  FCC’s  previous 
attempt  to  impose  such  a  require¬ 
ment  (see  “Broadcast  flag:  Pro¬ 
tecting  the  past,”  at  www.nww. 
com,  DocFinder:  2127). 

Although  the  recording  indus¬ 


An  iPod  as  a  legislative  force 


try  maintains  that  its  proposals 
will  not  get  in  the  way  of  con¬ 
sumers  continuing  to  do  what 
they  and  current  law  say  is  fine, 
testimony  by  the  industry’s  repre¬ 
sentative  indicated  that  this  is  not 
quite  the  case.  The  overturned 
FCC  action  dealt  only  with  a 
broadcast  flag  for  video  content. 
But  since  that  action  was  over¬ 
turned, the  recording  industry  has 
seen  an  opportunity  to  go  much 
further  and  has  proposed  a  simi¬ 
lar  function  for  audio  broadcasts. 
The  industry’s  argument  is  that 
such  a  thing  is  made  necessary 
by  the  advent  of  digital-over-the- 
air  broadcast  radio  stations  and 
digital  satellite  radio. 

In  this  proposal,  the  broadcast 
flag  (a  pattern  of  bits  buried  in 
the  data  stream)  would  tell  the 
electronic  device  what  limits  the 
broadcaster  has  placed  on  the 
recording  or  playback  of  the 


audio  material.  Mitch  Bainwol, 
speaking  for  the  Recording  In¬ 
dustry  Association  of  America 
(RIAA),  said  that,  under  its  pro¬ 
posal,  a  user  could  record  some¬ 
thing  while  listening  to  it  in  order 
to  play  it  back  at  another  time. 
When  questioned,  he  said  that 
automatic  (for  example,  time- 
based)  recording  would  not  be 
permitted,  nor  would  playing 
back  parts  of  the  recording  at  dif¬ 
ferent  times.That’s  more  than  a  lit¬ 
tle  change  from  what  people  can 
legally  do  today 
Some  of  the  senators  expressed 
skepticism  about  parts  of  this,  and 
others  wondered  about  the  whole 
idea.  One  of  the  doubters  was 
Sen.  Ted  Stevens  (R-Alaska),  the 
committee  chair,  who  personal¬ 
ized  the  discussion  by  noting  that 
he  had  just  received  an  iPod  as  a 
gift  and  wondered  at  limits  the 
RIAA  would  put  on  the  device 


playing  back  material  he  had 
recorded  over  the  air. 

Sen.  John  Sununu  (R-N.H.)  went 
further,  questioning  the  basic  idea 
of  government  meddling  in  this 
area.  He  noted  that  the  proposals 
purported  to  encourage  innova¬ 
tion, then  went  on  to  note  that  “we 
have  now  an  unprecedented 
wave  of  creativity  and  product 
and  content  development.” 

He  reminded  the  committee 
that  “the  history  of  government 
mandates  is  that  it  always,  always 
restricts  innovation”  and  won¬ 
dered  “why  we  would  think  that 
this  one  special  time,  we’re  going 
to  impose  a  statutory  government 
mandate  on  technology  and  it 
will  actually  encourage  innova¬ 
tion?”  (Listen  to  a  RealVideo  clip 
of  the  hearing,  starting  with 
Sununu’s  comments,  at 
DocFinder:  2128.) 

Stevens  noted  as  he  closed  the 


hearing  that  any  one  senator  in 
the  committee  could  put  pro¬ 
posed  legislation  on  hold.  He 
urged  the  RIAA  and  others  to 
work  to  bring  forth  a  proposal 
that  everyone  could  agree  on, 
with  a  strong  implication  that  the 
current  proposal  did  not  meet 
that  criterion. 

Stevens’  experience  with  his 
new  iPod  clearly  sensitized  him  to 
the  user  end  of  this  discussion, 
and  that  may  make  a  real  differ¬ 
ence  in  the  outcome. That  is  good 
news  for  consumers  and  maybe 
not  so  good  news  for  the  RIAA. 

Disclaimer  Harvard  makes,  in¬ 
fluences  and  observes  history  but 
so  far  is  just  watching  in  this  case, 
so  the  above  is  my  own  view. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 


SEM 

continued  from  page  29 

example,  IBM  acquired  Micro¬ 
muse,  which  had  earlier  acquired 
GuardedNet.They  also  say  that  for 
the  time  being,  specialized  SEM 
vendors  offer  a  much-needed 
technology  “Everyone  is  suffering 
from  compliance  fatigue  right 
now,  and  it’s  driving  SEM  pur¬ 
chases,  because  people  have  the 
budget  to  address  that  immediate 
concern,”  Hamilton  says. 

According  to  The  Yankee  Group, 
the  security  industry  overall  gen¬ 
erated  about  $12.9  billion  in  rev¬ 
enue  in  2004,  and  of  that,  SEM 
accounted  for  a  modest  $250  mil¬ 
lion.  However,  the  research  firm 
projected  that  by  the  end  of  2005, 
SEM  would  grow  by  more  than 
30%  to  be  a  $330  million  market, 
and  that  in  2008  it  would  be  an 
$800  million  market. 

Dan  Guerra,  systems  manager  at 
the  Archdiocese  of  Boston,  uses 
File  System  Auditor  to  collect  data 
on  files  being  accessed  across  his 
Microsoft  Windows  and  IBM  envi¬ 
ronment.  His  organization  pro¬ 
vides  benefits  to  many  organiza¬ 
tions,  and  he  says  it  must  comply 
with  the  Health  Insurance  Porta¬ 
bility  and  Accountability  Act 
!  1IPAA).  File  System  Auditor  runs 
i  the  file  system  driver  and  lets 
!m  collect  data  in  a  centralized 
ation  on  those  trying  to  access 
systems.  The  software  also 


helps  him  follow  up  on  the  poli¬ 
cies  that  may  have  been 
breached. 

“We  have  to  provide  the  inspec¬ 
tors  with  a  source  of  accountable 
information  on  how  we  protect 
personal  data  for  our  members 
and  those  we  provide  benefits  for, 
based  on  HIPAA.Without  this  tool, 
we  would  have  no  way  to  track 
the  abuse  of  those  files,”  Guerra 
says.  He  adds  that  he’d  like  to  see 
similar  support  for  his  IBM  Unix 
systems  as  ScriptLogic  addresses 
Windows  systems. 

Others  facing  regulatory  dead¬ 
lines  have  turned  to  SEM  prod¬ 
ucts  to  ease  the  burden  of  data 
collection  and  storage. 

“Being  in  the  financial  industry 
using  [TriGeo’s  Security  Informa¬ 
tion  Management  appliance]  has 
made  it  easier  for  us  to  prove  we 
are  monitoring  our  environment 
in  line  with  industry  standards  for 
security’  says  Robert  Martin,  vice 
president  and  Southwest  region 
security  officer  for  Fiserv,  a  pro¬ 
vider  of  technology  solutions  to 
the  financial  companies  in 
Houston. “TriGeo  helped  us  get  a 
handle  on  all  the  information 
coming  off  of  our  network  device 
logs  and  also  had  the  reporting 
capabilities  we  needed  in  our  reg¬ 
ulatory  environment.” 

The  appliance  arrives  at  cus¬ 
tomer  sites  preloaded,  and  cus¬ 
tomers  then  plug  it  into  the  net¬ 
work.  The  appliance  generates 


reports  according  to  customer 
specifications,  which  can  be 
based  on  time,  individual  devices 
or  groups  of  users. 

TriGeo  says  in  the  first  quarter  of 
this  year  it  will  release  an 
upgrade  of  Security  Information 
Management  that  uses  64-bit 
technology  for  greater  speed  and 
performance  than  were  possible 
in  the  32-bit  version;  it  will  also 
add  capabilities  to  USB-Defender, 
a  new  product  the  company  says 
aids  in  protecting  and  shutting 
down  unauthorized  jump  drives. 
USB-Defender  will  be  integrated 
into  the  next  release  of  Security 
Information  Management  to  offer 
customers  removable-storage 
management, TriGeo  says. 

For  Martin, TriGeo  helps  him  use 
fewer  tools  to  monitor  critical 
devices  and  actions  on  the  net¬ 
work.  He  says  it’s  important  that 
an  SEM  vendor  be  able  to  support 
as  many  devices  as  possible  from 
companies  such  as  Check  Point, 
Cisco,  ISS  and  Nortel,  to  ensure 
that  customers  don’t  have  to  use 
multiple  tools  to  monitor  security 
events  and  logs. 

“You  need  to  have  an  accurate 
inventory  of  what  you  have 
before  you  choose  a  SEM  prod¬ 
uct.  If  the  SEM  vendor  can’t  mon¬ 
itor  all  your  devices,  you  will 
need  to  collect  the  data  manually 
or  use  more  than  one  tool.  I'm  not 
sure  how  cost-effective  those 
options  are,”  he  says.  ■ 


Scalix,  Gordano  to  boost 
messaging  servers 

BY  JOHN  FONTANA 

Messaging  vendors  Scalix  and  Gordano  this  week  plan  to  introduce 
upgrades  to  their  messaging  servers  that  provide  better  monitoring 
tools  and  archiving  options  and  offer  customers  a  range  of  capabilities 
designed  to  improve  high  availability  cross-platform  feature  support 
and  Web-based  interfaces. 

Scalix  is  rolling  out  Version  10  of  its  Linux-based  server,  of  which  the 
Enterprise  Edition  includes  clustering  features  to  support  fault  toler¬ 
ance.  The  company  has  added  support  for  Apple’s  iCal  to  provide  cal¬ 
endar  integration  with  Microsoft  Exchange,  Lotus  Notes  and  Novell 
GroupWise. 

Also  new  is  ScalixConnect  for  Evolution,  which  provides  integration 
with  the  Evolution  messaging  client  for  Linux  desktops.  Wireless  sup¬ 
port  has  been  improved,  with  new  client  features  and  background  syn¬ 
chronization. 

The  Scalix  Web  Access  client  also  has  been  upgraded  with  an  inte¬ 
grated  address  book  and  personal  distribution  lists. 

Scalix  makes  it  possible  to  host  many  Scalix  domains  on  one  server 
and  has  64-bit  support  for  the  Fedora  Core  OS,  Red  Hat  Enterprise 
Linux, SuSE  Linux  Enterprise  Server  and  SuSE  Linux  OSS  lO.Scalix  costs 
an  initial  $60  per  user,  followed  by  an  annual  charge  of  $12  per  user. 

Gordano  is  expanding  the  capabilities  of  its  Gordano  Messaging 
Suite  (GMS),  which  runs  on  Windows, Unix  and  Linux.  Its  new  features 
include  AJAX-like  additions  to  its  browser-based  client  that  will  cache 
e-mail  messages  to  improve  performance.  The  company  is  adding 
hooks  for  SNMP  so  users  can  integrate  GMS  with  management  tools. 

A  new  API  for  its  External  File  Manager  will  let  users  put  the  GMS 
message  store  on  a  variety  of  storage  platforms,  including  databases 
and  archiving  software,  and  will  let  them  monitor  their  messaging  sys¬ 
tem  with  more  sophisticated  tools  than  traditional  message  logs. 
Users  will  also  be  able  to  integrate  GMS  with  VoIP  systems  to  get  voice 
mail  in  their  in-boxes. 

GMS  is  priced  at  $34  per  user  for  1,000  users.  Scalix  and  Gordano 
compete  with  CommuniGate,  IPSwitch,  Mirapoint,  Rockliffe  and 
Sendmail.B 


How  to  light  up  a  supply  chain.  ~ 

Advance  Transformer,  a  leading  component  manufacturer 
for  lighting  systems,  had  legacy  IT  systems  that  no  longer 
kept  up  wit  i  production  demands.  They  turned  to  HP  to 
better  manage  their  supply  chain.  Now,  using  an  IT  Service 
Management  approach  with  HP  OpenView  software  and 
HP  BladeSysfem  servers,  their  systems  automatically  solve 
problems  as  they  occur.  All  this  has  reduced  production 
time  from,  28  to  5  days,  cut  inventory  levels  by  50%  and 
revealed  the  bright  side  of  change,  www.hp.com/adapt 

Solutions  for  the  adaptive  enterprise. 


'.‘00c  HovvIeti'PbeHord  'Qttf&t?!! 


GATEWAY  GETS  GOVERNMENT 

And  education,  and  business  and  everything  in  between. 


Gateway's  notebooks,  desktops,  monitors  and  servers  are  winning  over  state 
and  local  government  agencies  in  places  like  the  states  of  California, 
New  York,  Texas,  Florida  and  Tennessee.  That's  because  Gateway  understands  the 
unique  challenges  faced  by  professional  sectors,  from  government  to 
education,  big  business  to  small  business.  We  can  put  our  technology 
solutions  to  work  for  you  by  customizing  our  innovative  products  and 
services  to  meet  your  needs.  An  exclusive  online  eProcurement  site,  priority 
access  support  and  unmatched  account  management  are  just  some  of  the  ways 
Gateway  helps  organizations  like  yours  remain  productive.  And  with  Gateway's 
outstanding  quality,  savings  and  service,  it's  a  win-win  situation.  Simply 
stated,  Gateway  is  good  for  government.  Gateway  is  good  for  your  organization. 

TO  LEARN  MORE  CALL  1-866-531-8297  OR  VISIT  Gateway.com 


re,  ctfWfJJS 
.&rvi i  9,‘ii'yy  So'a 


mm 


Gateway  Recommends  Microsoft®  Windows®  XP  Professional 


Pentium  4  HT 


Gatoway 


>  • .  r>  - 


■  -‘.'mb 


Gateway. 


"If  you  demand  the  ultimate  in  performance,  the  M465-E  belongs  on  your  short  list." 

LAPTOP  Magazine,  Winter  2006  Laptop  Mobile  Tech  Buyer's  Guide:  Best  New  Business  Notebooks 

To  learn  more  about  the  M465  and  our  other  award-winning  technology  solutions, 

CALL  YOUR  GATEWAY  ACCOUNT  REPRESENTATIVE  TODAY 


34  •  www.networkworld.com  •  2.13.06 


CRISIS  AVOIDANCE 


Utility  tackles  data  integration,  analysis 


Utility  upgrade 


Michigan  ElectricTransmission  Co.  uses  software  to  gather  better  intelligence  about  its  transmission  network  and 
improve  reliability. 


Substation 


IBM's  WebSphere  integration  software 
links  real-time  and  historical  data  from 
transmission  systems,  as  well  as  from 
traditional  business  applications  such  as 
ERP  and  asset  management. 


WebSphere 
Message  Broker 


Smart  relays  and  sensors 

Is" 

\ 

“\ 

continuously  monitor 
substation  systems  and 
send  status  information  to 

ip 

ip 

ip 

enterprise  systems. 

c 

METC  business  applications 


METC  mines  the  data  warehouse  to  identify  operational 
trends  and  plan  future  utility  upgrades. 


 r~ 

Data  warehouse 


METC  uses  real-time  data  collected  from  smart  relays 
and  sensors  inside  substations  to  isolate  network 
failures  and  dispatch  crews  to  precise  locations. 


BY  ANN  BEDNARZ 

n  Aug.  14, 2003,  a  blackout  left  50 
million  people  in  eight  US.  states 
and  Ontario,  Canada,  without  elec¬ 
tricity.  It  took  four  days  to  restore 
power  to  some  of  the  affected  areas  of  the 
United  States,  and  parts  of  Ontario  suffered 
rolling  blackouts  for  more  than  a  week. 

That’s  just  the  sort  of  crisis  Michigan  Elec¬ 
tric  Transmission  Co.  plans  to  avoid  by  add¬ 
ing  real-time  data  analysis  and  alerting  fea¬ 
tures  to  its  network.  Based  in  Grand  Rapids, 
METC  owns  and  operates  5,400  miles  of 
transmission  lines  and  80  substations  in 
Michigan’s  Lower  Peninsula.  Via  a  network 
of  high-voltage  powerlines,  METC  moves 
electric  power  from  its  source  —  nuclear  or 
fossil-fuel  power-generating  stations  —  and 
hands  it  off  to  local  distribution  companies, 
which  transmit  it  from  METC  substations  to 
6  million  people  in  METC’s  territory  “We’re 
like  the  tollway,  or  the  superhighway.  We 
take  the  energy  from  the  generators  and 
deliver  it  to  the  local  distribution  compa¬ 
nies,”  says  Julie  Couillard,  METC’s  executive 
vice  president  and  COO. 

Application  integration,  message  broker¬ 
ing,  data  warehousing  and  business  intelli¬ 
gence  are  the  cornerstones  of  METC’s  mul¬ 
timillion  dollar  project  to  improve  the  relia¬ 
bility  and  efficiency  of  its  core  systems. 
After  two  years  of  planning  —  begun  be¬ 
fore  the  2003  blackout  —  the  company 
launched  the  first,  $5  million  phase  early 
last  year  with  IBM  and  GE  Energy 
To  safeguard  and  streamline  the  process, 
METC  is  overhauling  its  protection  and  con¬ 
trol  relay  system. The  project  aggregates  real¬ 
time  data  collected  from  systems  and  de¬ 
vices  in  the  electric  network, and  transforms 
it  into  something  useful  for  the  people  who 
run  the  system,  says  Paul  Myrda,  chief  tech¬ 
nologist  and  director  of  operations  at  Trans- 
Elect,  METC’s  parent  company 
METC  expects  to  complete  its  project  in 
seven  to  eight  years  —  though  it  won’t  take 
that  long  to  realize  benefits  of  the  upgrades. 
The  long  buildout  is  caused  by  the  sub¬ 
stantial  upgrades  in  METC’s  substations.” We 
have  to  manage  outages. We  can’t  take  all  of 
our  lines  out  at  the  same  time,"  Couillard 
says.’Tt’s  staggered  in  order  to  minimize  the 
impact  on  the  grid." 

GE  Energy  is  handling  the  upgrade  of 
1  ETC’s  physical  assets,  including  its  control 
Tidings;  relays;  and  battery,  communica- 
’  i.  n  and  security  systems  at  each  company 
•ubstation. 

iBM  provides  consulting  and  integration 


services,  data  center  services  and  software. 
Among  the  technologies  METC  is  deploy¬ 
ing  are  IBM’s  DB2  database  and  content- 
management  applications.  IBM  also  will 
manage  a  hosted  environment  for  storing 
and  analyzing  data  collected  from  micro¬ 
processor  relays,  digital  fault  recorders, 
equipment  monitoring  devices  and 
weather  stations. 

IBM  is  also  developing  software  —  busi¬ 
ness  intelligence  tools  and  dashboards  — 
to  give  METC  staff  a  real-time  view  of  oper¬ 
ational  and  business  data, down  to  the  level 
of  each  substation’s  devices.  For  the  data 
crunching,  METC  uses  eDNA,  a  real-time 
data  monitoring  and  analysis  product  from 
InStep  Software. 

IBM’s  WebSphere  Message  Broker  soft¬ 
ware  makes  the  links  and  transports  mes¬ 
sages  between  the  applications  that  feed 
data  to  the  data  warehouse  and  analytic 
dashboards.  METC  plans  to  use  the  Web¬ 
Sphere  integration  software  as  an  enter¬ 
prise  service  bus  to  provide  connectivity 
and  handle  the  data  transformation  re¬ 
quired  for  a  service-oriented  architecture. 

“The  component  that  actually  protects 
the  grid  —  the  microprocessor-based  relays 
—  will  sense  if  there’s  a  problem  on  the 
line,  and  do  the  tripping  of  the  line  to  keep 
things  safe,”  Myrda  says.  The  technology 
behind  that  is  from  GE  Energy,  and  it’s  been 
around  for  about  a  decade,  he  says. 

One  of  METC’s  goals  is  to  respond  proac¬ 


tively  to  potential  power  losses  and  unex¬ 
pected  spikes.  When  failures  do  occur,  the 
company  wants  to  be  able  to  detect  and  at 
least  partially  diagnose  the  failures  re¬ 
motely  before  sending  staff  to  investigate. 

Electric  utilities  today  usually  rely  on  staff 
to  inspect  substations  in  person  when  a 
problem  occurs.  Common  reasons  for 
power  outages  on  METC’s  transmission 
lines  are  tree  damage,  car  accidents  and, 
most  frequently  weather-related  incidents 
such  as  lightning  and  ice. 

“There  is  some  technology  in  the  existing 
METC  grid  that  we  can  access  electronical- 
lybut  it’s  very  limited,”  Myrda  says.  For  exam¬ 
ple,  METC  has  legacy  Supervisory  Control 
and  Data  Acquisition  software  from  the 
1950s  and  1960s  for  monitoring  remote 
equipment.  “It  can  tell  us,  for  example,  a 
circuit  breaker  or  a  line  is  out  of  service. 
What  we  don’t  know  is  what  caused  it  nec¬ 
essarily”  Myrda  says.  “The  majority  of  the 
information  still  requires  a  trained  techni¬ 
cian  to  go  out  in  the  field  and  obtain  intel¬ 
ligence  about  what  went  on.” 

This  project  will  change  that.  Data  now 
will  be  electronically  gathered,  analyzed 
and  presented  to  those  who  run  the  trans¬ 
mission  system,  Myrda  says.“So  if  something 
happens,  or  is  about  to  happen,  that  intelli¬ 
gence  will  be  put  in  front  of  the  operator  so 
they  can  begin  to  mitigate  the  issues.” 

In  addition,  when  METC  does  have  to  dis¬ 
patch  someone,  the  new  technology  will  be 


able  to  zero  in  on  a  trouble  spot  with 
greater  accuracy  In  the  past,  METC  would 
know  something  had  happened  on  a 
length  of  the  line  —  but  if  a  line  is  100  miles 
long,  that’s  not  a  very  focused  target.  “With 
some  of  the  modern  technologies  today 
we’ll  know  the  line  tripped,  and  we’ll  be 
able  to  go  in,  look  at  the  information  and 
see  that  the  accident  occurred  27  miles 
down  the  line  from  the  endpoint,”  he  says. 

Another  addition  to  the  transmission  net¬ 
work  is  video  monitoring  at  the  substations. 
METC  uses  video  technology  for  physical 
security  and  as  a  remote-systems  monitor¬ 
ing  tool.“METC  covers  about  33,000  square 
miles.  It  takes  hours  to  get  from  substation 
to  substation,”  Myrda  says.  With  video  links, 
remote  operators  can  tap  into  the  video 
feed,  pan  and  zoom  cameras  from  their 
desks,  and  see  what’s  going  on  without  dis¬ 
patching  a  crew. 

METC’s  new  technologies  also  will  help 
the  company  improve  operational  decision 
making,  Couillard  says.  The  data  collected 
will  help  METC  plan  for  and  prioritize  future 
system  upgrades,  for  example.  By  analyzing 
load  patterns  in  greater  detail,  METC  can  up¬ 
grade  specific  circuits  that  need  it  instead  of 
doing  unnecessarily  broad  network  up¬ 
grades.  “We  wanted  an  integrated  solution 
so  that  we  could  not  only  reduce  our  main¬ 
tenance  costs  but  also  obtain  more  and  bet¬ 
ter  data  to  help  us  operate  and  manage  the 
system,”  Couillard  says.B 


2.13.06  •  www.networkworld.com  »  35 


SERVICE  PROVIDERS 

■  THE  INTERNET  BVPNS  ■  INTEREXCHANGES  AND  LOCAL  CARRIERS  ®  WIRELESS  ■  REGULATORY  AFFAIRS  Sf  CARRIER  INFRASTRUCTURE 


EYE  ON  THE  CARRIER 

Johna  Till  Johnson 


If  President  Bush  has  his  way  the  FCC  will 
soon  be  dealing  off  a  full  deck.  Bush  recent¬ 
ly  nominated  telecom  lobbyist  Robert 
McDowell  as  the  fifth  member  of  the  FCC, 
which  has  had  an  opening  for  most  of  2005. 

McDowell  will  do  more  than  fill  an 
empty  seat,  though.  He’ll  serve  as  a 
tiebreaker  on  a  number  of  critical  regula¬ 
tory  issues  likely  to  come  before  the  FCC 
(and  Congress)  in  upcoming  months, 
ranging  from  “net  neutrality”  to  E-911, 
Internet  wiretapping  and  backbone  inter¬ 
connect  agreements. 

McDowell’s  appointment  converts  the 
FCC  from  an  evenly  split  foursome  (two 
Republicans,  two  Democrats)  to  a  three- 
man  Republican  majority  Regardless  of 


Read  into  the  FCC’s  tiebreaker 


whether  McDowell  votes  along  party  lines, 
he’ll  enable  the  FCC  to  make  majority  deci¬ 
sions.  That  makes  McDowell’s  appointment 
disproportionately  important. 

But  what  kind  of  a  commissioner  will  he 
be? 

In  a  nutshell,  it  all  depends  on  who  he 
envisions  as  his  clients.  A  quick  glance  at 
his  bio  shows  that  he’s  an  effective  negotia¬ 
tor  who  excels  at  “bringing  home  the 
bacon”  for  the  folks  who  pay  him. 

He’s  serving  as  senior  vice  president  and 
general  counsel  of  Comptel.a  telecom  lob¬ 
bying  group.  Previously  he  served  as  gener¬ 
al  counsel  of  the  America’s  Carriers  Tele¬ 
communications  Association,  a  lobbying 
group  that  merged  with  Comptel  in  1999.  In 
between  those  stints,  he  worked  alongside 
FCC  Chairman  Kevin  Martin  on  the  2000 
Bush/Cheney  campaign. 

McDowell’s  clearly  a  great  lobbyist.  He 
succeeded  in  modifying  the  FCC’s  stance 


on  “truth  in  billing,”  arguing  that  forcing 
local  exchange  providers  to  detail  the 
specifics  of  phone  charges  would  actually 
harm  consumers.  The  FCC  listened  and 
ultimately  ruled  that  “truth  in  billing”  com¬ 
pliance  would  be  primarily  voluntary 
rather  than  mandatory.  The  net  effect  was 
to  avert  potentially  onerous  regulation  that 
would  have  adversely  affected  McDowell’s 
clients,  the  competitive  local  exchange 
carriers  (CLEC). 

McDowell  has  also  lobbied  hard  in  favor 
of  regulations  that  make  life  easier  for 
CLECs  and  interexchange  carriers  (IXC)  at 
the  expense  of  incumbent  local  exchange 
carriers  (ILEC).In  1998,  he  told  the  FCC  not 
to  rely  on  market  forces  to  enable  local 
access,  and  pushed  for  more  stringent  limi¬ 
tations  on  access  charges  imposed  by  the 
ILECs  on  their  competitors.  (ILECs  argued 
that  regulating  access  charges  effectively 
forced  them  to  provide  local  access  at 


below-costs  prices.) 

And  in  1997,  McDowell  argued  that  ISPs 
should  incur  the  same  infrastructure  sup¬ 
port  obligations  —  including  paying  access 
charges  and  Universal  Services  funds  —  as 
the  existing  IXCs.  In  his  statement  at  the 
time,  McDowell  argued  that  the  commis¬ 
sion  had  no  choice  but  to  treat  Internet 
phone  providers  in  the  same  manner  as  it 
does  traditional  phone  companies. 

The  upshot?  As  noted,  it  depends  on  who 
McDowell  sees  himself  as  serving.  If  he 
views  his  primary  clients  as  the  telcos, 
Vonage  had  better  watch  out.  If  he  views  his 
clients  as  telecom  consumers  —  whether 
individuals  or  enterprises  —  we  could  be  in 
for  a  really  interesting  ride. 

Johnson  is  president  and  senior  founding 
partner  at  Nemertes  Research,  an  indepen¬ 
dent  technology  research  firm.  She  can  be 
reached  at  johna@nemertes.com. 


Whaleback  touts  VoIP  service  for  SMB  market 


Profile:  Whaleback  Systems 

Location: 

Portsmouth,  N.H. 

Founded: 

2004 

Funding: 

S4.2  million  from  Ascent  Venture  Partners 

Founders: 

CEO  Mark  Galvin  and  Vice  President  of  Engineering  Wray  West 

Services: 

CrystalBlue  IP  PBX  service 

Competitors: 

Centrex  services,  IP  PBX  services 

Fun  fact: 

The  CEO  occupies  what  was  previously  the  nurse's  office  in  the  former 
elementary  school  building  at  Pease  Air  force  base,  now  an  office  park. 

BY  TIM  GREENE 

VoIP  start-up  Whaleback  Sys¬ 
tems  is  offering  a  flat-fee  phone 
service  that  includes  phones,  an 
IP  PBX  and  unlimited  calling  to 
any  phone  in  the  United  States. 

Designed  for  businesses  with  as 
many  as  1 ,500  phones,  the  service, 
called  CrystalBlue,  is  built  around 
the  SMB  1500,  an  IP  PBX  that 
Whaleback  built  using  its  own 
code  to  supplement  software  the 
company  purchased  from  several 
other  vendors,  says  Mark  Galvin, 
the  company’s  CEO. 

Customers  who  buy  the  service 


nww.com 

VoIP  event 

VoIP  and  collaboration  is  one  of  six  fast 
tracks  at  Network  World's  IT  Road  Map 
events  coming  to  Boston,  Chicago,  Dallas, 
and  the  Bay  Area.  Forty  IT  all  stars,  ana¬ 
lysts  and  vendors  will  offer  new  technol¬ 
ogy  and  best  practices. 

DwFMar  2023 


first  get  an  analysis  of  their  current 
phone  bill  compared  with  what 
they  would  pay  for  Whaleback’s 
service,  Galvin  says. 

In  general,  he  estimates  a  20-per¬ 
son  office  spends  $1 ,800  to  $2,500 
per  month  for  phones,  taking  into 
account  access  charges,  direct 
inward  dialing  numbers,  long-dis¬ 
tance,  inter-local  access  and  trans¬ 
port  area  long-distance  and  the 
like.  He  says  Whaleback  saves  cus¬ 
tomers  30%  to  50%. 

Whaleback  charges  an  installa¬ 
tion  fee,  and  customers  buy  the 
PBX  and  the  phones,  which  are 
made  by  Polycom.  For  an  office 
with  fewer  than  10  phones,  the 
setup,  configuration  and  training 
costs  $1,000  for  the  PBX  and  $300 
for  each  phone.  For  offices  with 
more  than  10  phones,  the  PBX 
cost  increases  to  $2,500.  The 
phone  price  stays  the  same. 

The  service  costs  $50  per 
phone,  per  month  and  places 
calls  to  any  phone,  whether  or 
not  it  is  on  an  IP  network,  via 
gateways  in  partner  carrier  net¬ 
works,  Galvin  says.  The  fee 


includes  monitoring  and  mainte¬ 
nance  of  the  PBX  and  phones. 

Potential  customers  should  look 
hard  at  their  calling  patterns  to 
see  whether  this  service  makes 
sense,  says  Matthias  Machowinski, 
an  analyst  with  Infonetics.A  com¬ 
pany  making  lots  of  outbound 
toll  calls  might  be  interested, 
whereas  one  making  mostly  inter¬ 
nal  calls  might  not,  he  says. 

The  service  gets  around  the 
problem  that  some  IP  phone  car¬ 
riers  have  connecting  to  911 
emergency  operators  nearest  a 
caller’s  location  by  installing  a 
separate  traditional  phone  line  to 
handle  them.  This  line  also  han¬ 
dles  fax  calls, which  are  difficult  to 
complete  over  IP  networks. 

Because  IP  phones  can  be 
moved  from  place  to  place  and 
are  identified  to  the  network  by 
their  IP  addresses,  there  is  no 
phone  wiring  uniquely  associated 
with  any  given  phone.  Enhanced 
911  services  are  supposed  to 
reach  the  nearest  emergency  dis¬ 
patcher  and  display  the  addresses 
from  which  calls  are  being  made. 


With  Whaleback’s  service,  the 
PBX  diverts  911  calls  to  the  tradi¬ 
tional  phone  line,  which  is  tied 
into  the  E911  system.The  911  ser¬ 
vice  breaks  down,  though,  if  cus¬ 
tomers  take  a  phone  from  home 
to  work,  for  example.  Then  Whale¬ 
back  reconfigures  the  phone  to 
deliver  a  recording  instructing  the 
caller  to  use  the  traditional  land¬ 
line  phone  or  a  cell  phone. 

Those  who  do  take  the  phones 
home  and  plug  them  into  broad¬ 
band  Internet  connections  get  all 
the  PBX  features  they  would  if  at 


the  office,  Galvin  says. 

Whaleback  uses  Decision  One,  a 
national  service  provider,  to  install 
equipment  at  customer  sites.  It 
also  uses  a  variety  of  cable  opera¬ 
tors  to  tie  the  IP  calls  into  the  pub¬ 
lic  phone  network. 

The  company  was  founded  by 
Galvin  and  Wray  West,  who 
worked  together  at  another  Galvin 
start-up,  Primary  Rate.  Galvin  was 
founder  of  softswitci;  vendor 
Cedar  Fbint  Communications  and 
remote  access  server  vendor 
RAScom.B 


mi 


“SUNGARD  REHEARSED  SCENARIOS 


r~Y  .  ?<  •  -  - 

•  ■  '  ••  ■  • 


?rj< 


WITH  US  A  COUPLE  OF  TIMES  A 


YEAR.  SO  WHEN  KATRINA  HIT, 

I  KNEW  OUR  DISASTER  RECOVERY 


PLAN  WOULD  WORK.”  Sr  co° 


When  it  comes  to  being 
prepared  for  unplanned  IT 
interruptions,  you  need  to 
know  your  systems  are  either  always 
available  or  can  be  quickly  recovered. 
That’s  where  SunGard’s  Information 
Availability  solutions  can  help.  We 
deliver  the  secure  data,  systems, 
networks  and  support  you  require  to 
help  your  business  stay  in  business. 
Because  your  employees,  suppliers 
and  customers  rely  on  you  to  be 
available  every  minute  of  every  day, 
you  need  continuous  access  to 
information  no  matter  what  —  you 
need  Information  Availability. 

For  over  25  years,  businesses  have 
turned  to  SunGard  to  restore  their 
systems  when  someihmg  went 
wrong.  So,  it’s  not  surprising  that 
hey  now  turn  to  us  to  give  them 
motions  to  make  sure  they  never  go 
own  in  the  first  place.  Plus, 
nGard  offers  solutions  that  let 
t  remain  in  control  of  your  IT 
.  .ronment  and  enjoy  the  flexibility 
iired  to  adjust  to  the  changing 
os  of  your  business. 


SunGard  has  a  wide  range  of  solutions  ranging  from  recovery  to  redundancy  that  address  your  enterprise-wide  requirements. 
Here  are  just  a  few  of  those  solutions: 

System  Recovery,  Mobile  Recovery,  Network  Recovery  and  End-User  Recovery  Services  help  you  get  back  up  quickly 

when  disaster  strikes.  And  when  combined  with  our  Server  Replication  and  Vaulting  for  Distributed  Systems  services, 
you  can  reduce  downtime  and  your  costs  by  25%*. 

Server  Replication.  If  your  server  is  unavailable,  for  whatever  reason,  you  can  have  a  fast  and  easy  recovery  of  your 
Microsoft®  Windows®-based  applications  from  the  replicated  servers  located  at  a  SunGard  facility.  When  your 
applications,  such  as  databases,  e-mail,  and  file  servers,  need  to  be  recovered  in  less  than  24  hours,  Server 
Replication  gives  you  data  center  redundancy  without  the  high  cost  of  building  your  own  secondary  facility. 

Vaulting  for  Distributed  Systems  provides  customers  with  an  automated  and  secure  process  for  critical  data  backup. 
Vaulted  data  is  available  for  easy  recovery  of  production  files.  The  logistics  and  time  needed  for  restoring  data  to 
backup  systems,  whether  for  testing  or  recovery,  are  greatly  improved. 

Your  job  is  to  keep  systems  and  applications  running.  Our 
mission  is  to  keep  people  and  information  connected.  Let’s  work 
together.  To  learn  more,  contact  us  at  1-800-468-7483  or  go  to 
www.availability.sungard.com/masteria  and  get  your  free  copy  of 
the  book  “Mastering  Information  Availability.” 

*25%  figure  based  on  the  IDC  White  Paper,  “Ensuring  Information  Availability:  Aligning  Customer 
Needs  with  an  Optimal  Investment  Strategy.”  Actual  savings  may  vary  depending  on  services  selected. 


SUNGARD*  SdffiSS 

Availability  Services  Connected ™ 


2.13.06  ®  www.networkwcrid.com  •  37 


TUMNOUlfiY  UPDATE 

■  AN  INSIDE  LOOK  AT  TECHNOLOGIES  AND  STANDARDS 

Model  offers  measure  for  SOA  success 


BY  JON  BACHMAN 

Service-oriented  architecture  has 
emerged  as  the  most  significant  shift  in 
how  applications  are  designed,  developed 
and  implemented  in  the  last  10  years. 

A  consortium  of  software  vendors  and 
consultants  recently  introduced  the  SOA 
Maturity  Model,  which  is  designed  to  pro¬ 
vide  IT  decision  makers  with  a  framework 
for  benchmarking  the  strategic  value  of 
their  SOA  implementations  and  planning. 
The  model  is  divided  into  five  levels. 

Level  1:  Initial  services 
At  the  initial  stage, an  organization  creates 
definitions  for  services  and  integrates  SOA 
into  methodologies  for  project  develop¬ 
ment.  In  a  financial-services  environment,  a 
Level  1  project  may  use  an  application 
server  or  an  enterprise  service  bus  (ESB) 
adapter  to  create  simple  SOAP  and  HTTP 
Web  service  invocations  between  a  man¬ 
agement  system  that  places  an  order  and  a 
trading  service  that  accepts  the  order. 

Level  2:  Architected  services 
At  this  stage,  standards  are  set  for  the 
technical  governance  of  an  SOA  imple¬ 
mentation,  typically  under  the  leadership 
of  the  architecture  organization.  Standard 
SOA  infrastructure  and  components, such 
as  an  ESB,  a  services  and  policies  reposi- 


Got  great  ideas? 


■  Network  World  is  looking  for  great  ideas 
for  future  Tech  Updates.  If  you've  got  one, 
and  want  to  contribute  it  to  a  future  issue, 
contact  Senior  Managing  Editor,  Features  Amy 

Schurr  (aschurr@nww.com). 


tory,  an  exception-management  service,  a 
transformation  service  and  a  single  sign- 
on  service,  are  used  to  foster  greater  reuse 
of  services,  as  well  as  provide  tight  man¬ 
agement  and  control  of  services  across 
an  organization. 

Level  3:  Business  services  and  collabora¬ 
tive  services 

Level  3  features  the  introduction  of  busi¬ 
ness-oriented  services,  such  as  business 
process  management  (BPM).With  a  focus 
on  the  partnership  between  technology 
and  business  organizations,  Level  3  opti¬ 
mizes  the  flexibility  of  business  processes, 
allowing  IT  to  respond  quickly  to  chang¬ 
ing  business  requirements. 

For  example,  a  Level  3  project  utilizing 
BPM  might  use  a  Universal  Description, 
Discovery  and  Integration  registry  to  find  a 
funds-transfer  service  that  could  signifi¬ 
cantly  reduce  settlement  times.  This  ser¬ 
vice  would  be  connected  to  the  ESB 
process  within  hours  of  recognizing  the 
business  need. 

Level  4:  Measured  business  services 

Level  4  provides  continuous  feedback  on 
the  performance  and  business  impact  of 
the  processes  implemented  at  Level  3. The 
key  focus  at  this  level  is  collecting  data  and 
providing  that  data  to  business  users, 
enabling  them  to  transform  the  way  they 
respond  to  events. 

In  our  example,  a  Level  4  project  could 
introduce  logging  and  a  service  to  moni¬ 
tor  business  activity. These  functions  pro¬ 
vide  a  collection  and  display  process  for 
business  managers  to  view  their  trade 
routing  operation  and  for  compliance 
officers  to  monitor  trading  behaviors  of 
their  staff  and  customers. 


HOW  IT  WORKS:  SOA  Maturity  Model 

Here's  how  an  equity  trade  process  in  a  service-oriented  architecture 
would  be  executed  as  a  sequence  of  heterogeneous  steps  by  an  enterprise 
service  bus  (ESB). 


Q  A  trader  originates  a  trade  order  via  an  order  management  system.  The  trader  receives  an  itinerary 
(aka  routing  slip):  process  rules  that  travel  with  the  message. 

B  The  order  is  routed  across  the  ESB  and  data  elements  are  transformed  to  support  the  requirements 
of  the  trading  and  compliance  systems. 

B  Once  the  trade  is  executed  and  compliance  requirements  have  been  satisfied,  the  ESB  triggers  a 
funds  transfer. 

□  finally,  the  order  is  routed  to  a  logging  service  as  a  completed  transaction. 


Level  5:  Optimized  business  services 
At  this  final  level,  business-optimization 
rules  are  added,  and  the  SOA  becomes  the 
nervous  system  for  the  enterprise.  Auto¬ 
matic  responses  to  the  measurements  and 
displays  of  Level  4  allow  an  organization  to 
take  immediate  action  on  events. 

A  Level  5  project  can  take  the  request 
messages  entering  the  ESB  and  route  that 
information  to  an  event-stream  processor. 
This  service  correlates  the  behavior  of  all 
traders  across  multiple  execution  venues 


and  identifies  important  patterns.This  infor¬ 
mation  might  be  used  to  execute  new 
trades  or  stop  a  rogue  trader  who  is  out  of 
view  of  compliance  officers. 

The  SOA  Maturity  Model  provides  a 
framework  for  IT  and  business  users  to 
properly  evaluate  the  applicability  and  ben¬ 
efits  of  SOA  in  an  organization. 

Bachman  is  senior  director  of  product 
marketing  at  Sonic  Software.  He  can  be 
reached  at  jbachman@sonicsoftware.com. 


We  read  your  Dec.  19  story  on  the  Eclipse 
Business  Intelligence  and  Reporting  Tools 
(wvm.nww.com,  DocFinder:  2130).  We  down¬ 
loaded  the  latest  release  and  found  that  the 
PDF-generation  feature  you  described  (and 
what  we  were  most  interested  in)  seems  to  be 
missing.  Things  seem  to  work,  but  we  cannot 
figure  out  how  to  generate  and  print  the  PDF 
versions  of  the  reports. 

It's  possible  that  you  installed  BIRT  2.0,  which  was 


released  in  January.  The  print  icon  in  BIRT  was  dis¬ 
abled  just  before  the  new  release  because  of  report- 
parameter  handling  problems  that  couldn't  be 
addressed  in  time  for  the  release. 

Even  though  the  print  icon  is  gone,  you  can  still 
generate  PDF  copies  of  the  reports  for  printing  by 
building  your  own  report  URL  (similar  to  one  at 
DocFinder:  2131). 

The  best  resource  for  good  information  on  working 
with  BIRT  is  the  BIRT  newsgroup  (DocFinder:  2132). 
There  have  been  several  discussions  lately  about  gen¬ 


erating  PDF  reports  using  BIRT  2.0. 

You  may  also  want  to  look  at  using  BIRT  1.0.1  if  you 
find  that  the  PDF  workaround  in  BIRT  2.0  is  a  real 
problem.  If  you  stick  with  BIRT  2.0,  be  aware  of  issues 
reported  with  report  rendering  in  Firefox  1.5.  Monitor 
the  BIRT  newsgroup  to  stay  up  to  date  with  how  best 
to  work  with  the  reporting  system. 

Blass  is  a  network  architect  at  Change®Work  in 
Houston.  He  can  be  reached  at  drinternet@chunge.at- 
work.com. 


38  •  www.networkworld.com  •  2.13.06 


A  networking  Swiss  Army  knife 


We  love  Swiss  Army  knife-style  tool 
kits,  those  suites  of  services  and  func¬ 
tions  that  are  managed  through  a 
common  interface.  We  reviewed  an 
e-mail  tool  kit  (www.nww.com,  Doc- 
Finder:  2129)  in  this  category  a  few 
weeks  ago,  and  today  we  have  a  net¬ 
working  Swiss  Army  knife-style  tool 
kit:  NetScanTools  Pro  10  from  North¬ 
west  Performance  Software. 

NetScanTools  Pro  (NSTP)  is  re¬ 
markable.  In  one  interface  you  get 
network  setup  and  configuration  ex¬ 
ploration  functions,  security  testing  services,  information¬ 
gathering  tools,  and  network  and  service  diagnostics. 
Northwest  positions  the  software  for  general  network  diag¬ 
nosis  and  exploration,  as  well  as  for  forensic  use. 

The  features  of  NSTP  are  divided  into  a  Welcome  sec¬ 
tion,  which  provides  introductory  help,  bug  reporting, 
Northwest  contact  information  and  the  ability  to  check 
for  a  new  version. 

The  next  section  leads  you  through  a  sequence  of  steps 
to  gather  information  about  a  remote  machine.  The  first 
step  asks  what  kind  of  contact  you  want  with  the  remote 
computer  (no  contact,  some  contact  or  maximum  con¬ 
tact).  The  idea  is  that  for  certain  types  of  analysis,  such  as 
tracking  down  a  hacker,  you  might  want  to  restrict  which 
tools  are  used  to  those  that  don’t  connect  directly  to  a  tar¬ 
get  machine:  This  will  avoid  setting  off  alarms.  If  you  are  a 


little  braver,  you  can  opt  for  “minimal”  testing  that  uses  non- 
aggressive  techniques, such  as  connecting  to  one  or  two 
ports  to  determine  the  existence  of  services  or  attempting 
to  “fingerprint”  the  host’s  operating  system. 

The  next  step  asks  for  basic  information  about  the  target 
system  —  the  name,  IP  address,  e-mail  address  or  URL. The 
third  step, research, runs  the  NSTP  tools  and  creates  a  report 
that  is  opened  as  a  Web  page  in  your  default  Web  browser. 

Northwest  positions  the 
software  for  network  diagnosis 
and  . . .  for  forensic  use. 

A  no-contact  report  simply  lists  the  IP  address  associated 
with  the  target,  the  DNS  servers  responsible  for  the  domain 
and  DNS  data,  geolocation  (IP  to  country  mapping),  the 
major  spam  real-time  blacklists  the  target  is  on,  and  the 
Whois  data  for  the  domain. 

With  a  most-contact  version,  not  only  do  you  get  all  the 
nocontact  data,  you  also  get  a  list  of  host  names  found 
within  the  domain,  a  traceroute  to  the  target  with  geoloca¬ 
tions  for  each  hop  and  a  list  of  open  TCP  ports. 

There  also  is  a  fourth  step  in  this  section,  which  allows 
you  to  view  or  delete  any  of  the  past  reports. 

The  next  section, Tools,  provides  access  to  the  individual 
functions  of  NSTF?This  is  a  big  list,  offering  some  46  tools. 

A  number  of  tools,  such  as  OS  Fingerprinting,  which 


attempts  to  determine  the  operating  system  in  use  on  the 
target,  warn  you  that  using  them  may  be  detected  by  the 
target  and  interpreted  as  a  threat,  so  require  you  to  accept 
the  disclaimer  and  agree  that  you  are  on  your  own. 

The  Online  section  provides  links  to  Northwest  news, sup¬ 
port  and  bug-reporting  Web  pages  and  an  update  checker. 
Finally,  the  Program  Info  section  includes  an  About  option, 
an  End  User  License  viewer,  and  access  to  the  Set 
Preferences  window  where  you  set  global  preferences  that 
affect  all  tools. 

Of  particular  interest  in  forensics  and  diagnostics  are  the 
URL  Cache  Viewer,  which  lets  you  view  the  Internet  Ex¬ 
plorer  cache,  and  the  Protected  Storage  Viewer,  which  lets 
you  view  auto-complete  information,  password-protected 
site  logon,  and  usernames  and  passwords  for  Microsoft  e- 
mail  applications. 

We  had  only  two  issues  with  NSTP:  First,  some  tools  can’t 
be  interrupted  —  with  these,  NSTP  stops  responding  until 
the  service  completes  or  times  out,  but  there’s  no  indica¬ 
tion  that  NSTP  is  still  working. The  second  issue  is  that,  with 
the  exception  of  a  couple  of  tools  that  launch  separate  pro¬ 
grams,  you  can’t  work  with  multiple  tools  simultaneously 

Along  with  this  wealth  of  functionality  there’s  an  enor¬ 
mous  help  system.  It’s  a  gold  mine  of  diagnostics. 

All  in  all  a  very  impressive  $250  tool  kit  for  everyday  net¬ 
work  analysis  and  diagnostics  and  for  more  specialized 
forensics  use. 

Your  analysis  to  gearhead@gibbs.com. 


GEARHEAD 

INSIDE  THE 
NETWORK 
MACHINE 

Mark  Gibbs 


Take  everything  you’ve  ever  thought  about  the  term  “robotic 
/si  dinosaur”  and  throw  it  out  the  window.  Pleo  has  arrived. 

Making  its  debut  at  last  week’s  Demo  ’06  show  in  Phoenix, 

Pleo  is  a  robotic  dinosaur,  for  sure,  but  it’s  much  more  than  that.  Combine  the 
best  features  of  the  Furby,  the  Cabbage  Patch  doll,  the  computer  game  The 
Sims  and  even  Sony’s  robot  dog  Aibo  (recently  discontinued),  and  you  start 
to  get  a  picture  of  how  Pleo  and  its  parent  company,  Ugobe,  will  revolutionize 
how  we  think  of  robotics. 

Unlike  other  robot  toys,  Pleo  has  a  skin  that  makes  it  look  more  like  a  stuffed 
animal  (with  a  rubbery  skin)  than  a  hard  plastic  robot. With  almost  40  sensors 
(including  infrared  and  stereophonic  sound),  Pleo  has  motion  that  is  more 
fluid  and  lifelike  than  you’d  expect  from  a  robot. There’s  no  remote  control  — 
you  touch  Pleo,  and  it  reacts  (it  can  be  happy, sad,  playful, shy  and  so  on.).  Pleo  is 
designed  to  look  like  a  1-week-old  Camarasaurus  sauropod  (long-necked  dino¬ 
saur),  though  most  people  won’t  be  rushing  to  the  reference  books  to  double¬ 
check  —  they’ll  look  at  it  and  go  “Awwwvy”  because  it’s  so  darned  cute. 

And  that’s  the  point.  Unlike  other  robots  on  the  market,  Pleo  is  meant  to  draw  an 
emotional  response.  It’s  not  surprising  that  one  of  the  inventors  of  Pleo  also  created 
the  Furby  in  1998,  which  caused  a  stir  for  its  ability  to  react  to  it  environment. 

Part  toy,  part  tech-guy  dream  gadget,  the  $199  Pleo  (Ugobe  expects  to  ship  it  just 
in  time  for  Christmas)  has  14  servo  joints  with  force  feedback;  38  touch,  sound, 
light  and  tilt  sensors  (including  nine  around  the  mouth,  chest,  head,  shoulders, 
back  and  feet);  fluid  quadruped  motion  and  the  ability  to  avoid  obstacles  and  not 
walk  off  the  edge  of  a  table.  Pleo  also  can  learn  while  it  walks.  For  example,  a  Pleo 
walking  on  a  carpet  will  learn  to  take  higher  steps  than  one  walking  on  a  hard  sur¬ 
face  —  the  designers  of  Pleo  give  the  robot  the  ability  to  adapt  and  change  based 
on  the  environment. 


Features  include  stereo  sound  sensors  and  music  beat  detec¬ 
tion;  and  the  ability  to  cough,  blink,  chomp,  twitch,  sigh  and 
growl  its  stomach,  just  to  name  a  few.  A  rechargeable 
battery  and  Secure  Digital  card  memory  expansion 
round  out  the  technical  features. 

Software  features  include 
algorithms  that  define 
whether  Pleo  is  happy 
or  not,  and  a  user’s 
interaction  with 
Pleo  will  deter¬ 
mine  whether 
Pleo  gets  happier 
or  sadder. This  makes 
it  almost  seem  like  the 
computer  game 

The  Sims  or  Nintendogs,  where  the 
user’s  actions  help  determine  where  the 
game  (or  Pleo)  goes  next.  While  there  are  cer¬ 
tain  rules  that  the  robot  must  follow,  it’s  the  unexpectedness 
of  how  Pleo  will  react  that  excited  me,  as  well  as  the  Ugobe 
officials  who  created  it. 

The  big  question  is  whether  Pleo  becomes  the  must-have  item  for  the  2006  hol¬ 
iday  season  —  judging  from  the  reaction  of  the  Demo  crowd,  it’s  certainly  up  there 
on  the  list. 

But  the  Demo  crowd  often  doesn’t  worry  about  things  like  toy  manufacturing, 
fickle  consumers,  brand  marketing  and  packaging  —  something  that  the  folks  at 
Ugobe  will  have  to  worry  about  between  now  and  Christmas. 

But  at  least  the  dinosaur  is  cute. 

Shaw  can  be  reached  at  kshaw@nww.com. 


Pleo,  the  robotic 
dinosaur,  will  be 
on  store  shelves 
in  time  for 
Christmas. 


inside: 


HP  PROLIANT  BL20p  G3  BLADE  SERVER 


with  ProLiant  Essentials  Management  Software 

•  Up  to  2  Intel®  Xeon®  Processors  (3.8QGHz/2MB)' 

•  High  density:  Up  to  48  servers  per  rack 

■  Rexible/Open:  Integrates  with  existing  infrastructure 

•  HP  Systems  Insight  Manager™:  Web-based 
networked  management  through  a  single  console 

•  Rapid  Deployment  Pack:  For  ease  of  deployment 
and  ongoing  provisioning  and  reprovisioning 

•  Integrated  Cisco  or  Nortel  switch  options 


HP  STORAGEWORKS  MSA1500cs 


Get  2TB  of  storage  free  ($2,008  Value)3 

•  Up  to  24TB  of  capacity  (96  250GB  SATA  drives) 

•  Up  to  16TB  of  capacity  (56  300GB  SCSI  drives) 

•  Ability  to  mix  SCSI  and  Serial  ATA  enclosures 
for  greater  flexibility 


The  HP  ProLiant  BL20p  G3  blade  server,  powered  by  Intel®  Xeon®  Processors,  keeps  you  one  step  ahead 
of  potential  problems.  Our  exclusive  Performance  Management  Pack  (PMP),  an  integrated  component 
of  HP  Systems  Insight  Manager,™  keeps  a  watchful  eye  over  your  servers  and  storage,  alerting  you  when 
it  detects  potential  bottlenecks  in  the  making.  It  also  provides  you  with  a  concise  overview  of  configuration 
anomalies  that  could  impact  performance  and  offers  clear-cut  recommendations  for  solving  them.  Bundle 
the  BL20p  with  the  new  HP  StorageWorks  MSA1500cs  featuring  Advanced  Data  Guarding  (ADG)  that 
replicates  data  for  unsurpassed  fault  tolerance.  You  may  debate  whether  a  problem  that  doesn't  happen 
exists.  But  HP  makes  sure  it's  no  problem  for  you. 


SMART  ADVICE  >  SMART  TECHNOLOGY  >  SMART  SERVICES 


Call  1-866-625-3909 
Click  hp.com/go/bladesmag34 
Visit  your  local  reseller 


Download  a  free  IDC  white  paper: 

Broadening  the  Blades  System  Portfolio 

For  a  limited  time,  save  $250  instantly  on  the  BL20p 


1  Intel's  numbering  is  not  a  measurement  of  higher  performance.  2.  Save  $250  instantly  on  the  purchase  of  an  HP  ProLiant  BL20p  Blade  Server.  Otter  valid  through  April  30. 2006. 3.  Receive  up  to  2TB  of  storage  free  with  purchase  of  HP  StorageWorks  Modular  Smart  Array  1500cs  devices  C.-fte  vd  through 
April  30, 2006.  All  offers  available  from  HP  Direct  and  participating  resellers.  Prices  shown  are  HP  Direct  prices,  are  subject  to  change  and  do  not  include  applicable  state  and  local  sales  tax  or  shipping  to  recipient's  destination.  Reseller  prices  may  vary.  See  Web  site  for  full  details.  Photograph,  no!  accurately 
represent  exact  configurations  priced.  Associated  values  represent  HP  published  list  price.  Intel,  the  Intel  Logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  or  its  subsidiaries  in  the  United  States  and  other  countries.  ©2006  Hewlett-Packard  Develops  ;nr  mpanv,  L.P. 


40  •  www.networkworld.com  •  2.13.06 


The  IP  telecom 
wave 

As  the  key  VoIP  equipment  supplier  to  the  carriers  lead¬ 
ing  the  VoIP  charge,  Sonus  Networks  has  both  an  envi¬ 
able  market  position  and  an  interesting  perspective  on 
the  migration  to  the  world  of  packetized  voice. 

The  nation’s  core  telecom  infrastructure,  says  Sonus 
Chairman  and  CEO  Hassan  Ahmed,  is  updated  on  a  25-year 
cycle,  the  last  great  wave  having  been  the  move  to  digital 
switching.  By  his  calculation,  we  are  now  in  year  five  of  the 
next  big  wave,  the  migration  to  VoIP 
Early  VoIP  adopters  did  so  in  the  core,  a  fact  that  helped 
Sonus  succeed  where  other  upstarts  failed.“We  focused  on 
Class  4, ’’Ahmed  says.“Everyone  else  was  betting  on  Class  5, 
the  edge.The  reality  was  you  had  to  packetize  the  core 
before  the  edge.” 

Today  the  company’s  customer  portfolio  includes  AOL, 
AT&T,  Bell  South,  Cingular, Verizon  and  Vonage.  Ahmed  figures 
that  VoIP  networks  built  using  Sonus  gear  carry  some  17  bil¬ 
lion  VoIP  minutes  per  month. 

“With  the  migration  to  packets  over  broadband,  connec¬ 
tivity  to  the  network  is  disaggregated  from  the  services 
delivered,”  Ahmed  says.“In  the  old  world,  the  switch  that 
terminated  the  copper  pairs  also  provided  the  service. 

Now  you  can  terminate  the  last  mile  in  Manhattan  and 
offer  service  from  Kansas.” 

Although  early  carrier  converts  brought  in  VoIP  to  reduce 
costs,  the  name  of  the  game  today  is  advanced  services.“The 
last  five  to  six  years  was  about  converging  nets  for  operations 
savings,”  Ahmed  says.“Now  it  is  about  new  services.” 

If  you  use  Verizon  for  phone  service,  Internet  access,  cable 
TV  and  cellular  support,  he  argues, you  want  the  network  to 
support  your  every  whim.“If  I’m  on  a  train  to  New  York  and 
want  to  watch  CNN  on  my  cell  phone,  the  net  should  know 
who  I  am,  where  I  am,  and  deliver  what  1  want  in  a  presenta¬ 
tion  format  required  by  the  device  I’m  using.” 

Sonus  calls  that  “sendee  convergence,”  and  Ahmed  expects 
to  see  it  start  to  take  off  in  the  next  three  to  five  years.  But  it 
can’t  happen  until  the  wireless  carriers  finish  building  out 
broadband  support.Those  efforts  have  begun,  but  it  will  be  a 
few  years  before  there  is  widespread  availability  of  multi¬ 
megabit  cellular  data  links. 

The  fatter  pipes  will  make  it  easier  to  offer  new  services, 
and  that  in  turn  will  provide  incentives  for  the  wireless  carri¬ 
ers  to  move  to  iPAhmed  says.  He  sees  wireless  moving  to  IP 
switching  beginning  in  2007. 

The  way  we  view  it,  the  future  is  about  Session  Initiation 
rotocol-based  services  sitting  on  top  of  broadband  wireline 
and  wireless  infrastructures”  and  customers  being  able  to 
iove  between  them  seamlessly,  Ahmed  says. 

It  is  a  compelling  vision. 


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


A  simpler  approach 

Regarding  Kevin  Tolly’s  column  “Cisco  AON:  Fight 
fire  with  fire”  (www.nww.com,  DocFinder:  2123):  It 
is  understandable  that  Cisco’s  Application 
Oriented  Networking  strategy  has  been  met  with 
what  Tolly  claims  is  a  lack  of  buzz. 

Cisco  positions  AON  as  a  network  solution  for 
the  next  generation  of  business  applications, 
which  will  be  based  predominantly  on  service- 
oriented  architecture.  The  WAN  implications  of 
SOA-based  applications  are  profound:  exponen¬ 
tial  increases  in  traffic  volume,  more  sensitivity  to 
network  latency,  less  predictable  traffic  patterns 
and  increasing  difficulty  in  identifying  high-prior¬ 
ity  traffic.Yet  Cisco’s  AON  promises  little  relief. 

While  AON’s  XML  processing  can  offload  part  of 
the  burden,  Cisco’s  own  literature  admits  that  a 
key  component  of  AON,  enhanced  message  han¬ 
dling,  is  “only  appropriate  for  a  fraction  of  the 
overall  traffic.”  Why  should  users  bother  with  an 
applications-aware  network  approach  such  as 
enhanced  message  handling  when  it  doesn’t 
solve  the  fundamental  challenge:  too  much  time- 
sensitive  traffic  over  too  little  bandwidth? 

Additionally,  applications-aware  networking  bur¬ 
dens  users  with  expensive  and  time-consuming 
tuning  and  debugging  of  applications  for  the  net¬ 
work,  which  could  take  months  and  then  must  be 
redone  on  a  continuous  basis  as  new  devices, 
users  or  software  versions  are  rolled  out. 

Ciena  believes  there  is  a  much  simpler 
approach  than  applications-aware  networking. 
Why  not  use  the  field-proven  network  techniques 
being  used  today  to  satisfy  the  high-volume,  low- 
latency  traffic  of  networked  remote  storage  and 
apply  it  to  XML,  Web  services,  LAN  extension  and 
other  distributed  application  traffic?  Using  appli- 
cations-transparent  networking  techniques,  users 


reduce  complexity  and  allow  their  software 
developers  to  continue  to  do  what  they  do  best, 
and  let  network  users  focus  on  what  they  do  best. 

Michael  Mullaley 
Director,  enterprise  networking 

Ciena 
Linthicum,  Md. 

IPTV  revolution 

Regarding  Johna  Till  Johnson’s  column  “Who 
wants  their  IPTV?”  (DocFinder:  2124):  IPTV  is  evo¬ 
lution.  I  agree  that  at  first  there  will  not  be  major 
changes  from  what  we  can  get  today  via  cable  or 
satellite,  but  having  a  common  way  to  deliver  all 
information  (phone,  TV,  Internet)  to  your  home 
via  Ethernet  is  huge.  This  is  really  the  first  major 
step  toward  convergence  of  all  three  of  these  ser¬ 
vices. 

The  only  thing  that  will  hamper  IPTV  is  multi¬ 
casting.  Due  to  the  way  multicasting  works,  only 
one  telco  vendor  will  be  able  to  send  IPTV  to 
your  house. This  means  you  still  will  get  only  one 
other  option  for  broadcast  TV  (SBC/AT&T  in  my 
case). 

The  real  deal  would  be  adding  a  service  such  as 
Akimbo  on  top  of  IPTV.  In  my  TiVo  lifestyle,  there 
are  very  few  things  that  I  need  to  see  live  —  some 
sporting  events,  maybe  news.  This  is  the  real 
threat  to  cable  and  satellite  as  it  makes  virtually 
everything  on-demand  and  with  no  boundaries, 
just  more  caching. 

Mark  Nielsen 
Technical  architect 
ADVO 
Windsor,  Conn. 

E-mail  letters  to  jdix@nww.com  or  send  them  to  John  Dix,  editor  in 
chief.  Network  World,  1 18  Turnpike  Road,  Southborough,  MA  01772. 
Please  include  phone  number  and  address  for  verification. 


Readers  respond 

Find  out  what  readers  are  saying  about  these  and  other  topics.  DocFinder:  1030 


Pf  THE 


MAA5W./6S 

jput*  *«>'e** 


2.13.06  •  www.networkworld.com  •  41 


STRATEGY  SESSION 

Jeff  Kaplan 


ABOVE  THE  CLOUD 
James  Kobielus 


Downsizing  outsourcing 


A  recent  cover  story  in  BusinessWeek  pro¬ 
claimed  we  have  entered  an  era  in  which 
global  outsourcing  is  quickly  becoming  a 
prerequisite  for  multinational  corporations.  The 
article  described  how  corporations  of  all  sizes  are 
outsourcing  to  providers  in  India,  China,  Eastern 
Europe  and  elsewhere  to  satisfy  their  business 
needs.  Yet  escalating  competition  is  also  funda¬ 
mentally  changing  the  outsourcing  industry 
For  instance,  IBM  recently  announced  a  5% 
decline  in  its  fourth-quarter  Global  Services  rev- 
enue.The  same  day  Wipro.a  leading  offshore  out¬ 
sourcer,  reported  it  is  having  trouble  matching  the 
margins  of  its  India-based  peers  despite  a  25%  rise 
in  its  net  profits. 

There  is  no  question  the  profit  margins  of  IBM, 
Wipro  and  other  outsourcing  companies  are 
being  strained  by  rapidly  expanding  their  global 
operations  while  fending  off  intensifying  pricing 
pressure.  But  there  is  an  even  more  subtle  prob¬ 
lem  with  the  fundamental  structure  of  today’s  out¬ 
sourcing  business:  customer  downsizing  of  out¬ 
sourcing  contracts. 

Numerous  industry  studies  have  reported  that 
the  size  of  outsourcing  contracts  has  been  drop¬ 
ping  for  the  past  two  years.  IBM  experienced  a 
32%  drop  in  major,  or  strategic,  signings  in  the 
fourth  quarter  of  2005.  This  contraction  is  due  to 


corporate  disenchantment  with  the  rigidity  of 
mega-outsourcing  contracts  and  the  high  per¬ 
centage  that  fail  to  meet  business  and  service- 
level  objectives. 

To  avoid  the  risks  associated  with  traditional 
outsourcing,  corporations  are  reducing  the  scope 
and  duration  of  these  agreements.  They  also  are 
relying  on  more  providers  to  perform  more-spe¬ 
cific  tasks,  rather  than  be  at  the  mercy  of  a  single 

Corporations  are  reducing 
the  scope  and  duration  of 
these  agreements. 

outsourcer  for  everything.  This  is  a  trend  that  I 
began  calling  out-tasking  a  decade  ago,  and  it  is 
even  more  common  today 
The  two  fastest-growing  examples  of  out-tasking 
are  managed  services  and  software-as-a-service. 
Oddly  the  major  outsourcers  have  been  slow  to 
restructure  their  antiquated  operating  models  to 
capitalize  on  the  rise  of  these  out-tasking  alterna¬ 
tives.  For  the  most  part,  they  have  underestimated 
the  significance  of  managed  services  and  soft- 
ware-as-a-service  or  have  been  unable  to  convert 
their  traditional  outsourcing  business  models  to 
sell  and  deliver  more-targeted  managed  services 


and  software-as-a-service  solutions. 

There  has  been  a  misconception  that  managed 
services  and  software-as-a-service  are  primarily 
aimed  at  small  and  midsize  businesses.  In  reality, 
managed  services  were  pioneered  by  major 
telecommunications  carriers  more  than  20  years 
ago  to  help  their  largest  customers  manage  their 
networks,  and  many  software-as-a-service  pro¬ 
viders  have  a  surprisingly  large  installed  base  of 
Fortune  500  companies. 

A  clear  indication  of  the  shift  in  the  outsourcing 
landscape  is  a  new  partnership  between  Indian 
outsourcer  Tata  Consultancy  Services  and  Sales- 
force.com,  in  which  TCS  will  offer  new  call-center 
and  other  services  based  on  the  software-as-a-ser- 
vice  applications  in  Salesforce.com’s  App- 
Exchange. 

Large-scale  outsourcing  isn’t  going  to  go  away, 
but  enterprise  business  and  IT  leaders  no  longer 
need  to  make  big  bets  on  long-term  agreements 
to  achieve  their  business  objectives.  Instead,  they 
can  now  enlist  more-narrowly  focused  managed 
services  and  software-as-a-service  solutions  to 
address  their  strategic  business  requirements. 

Kaplan  is  managing  director  ofTHINKstrategies, 
a  consultancy  in  Wellesley,  Mass.  He  can  be  reached 
at  jkaplan@thinkstrategies.  com. 


S0A  platform  vendors  will  own  ESB  market 


Enterprise  service  bus  is  the  most  promising 
new  middleware  approach.  ESB  generally 
refers  to  integration  software  that  supports 
simple,  expedited,  loosely  coupled,  standards- 
based, service-oriented  integration.lt  also  refers  to 
a  segment  of  the  middleware  market  that  con¬ 
verges  the  best  features  of  message-oriented  mid¬ 
dleware,  integration  brokers  and  Web  services. 

The  ESB  market  is  heating  up  but  possibly  also 
melting  down.  Recently  we’ve  seen  a  leading 
ESB  vendor  —  Sonic  Software  (an  operating 
unit  of  Progress  Software)  —  merge  with  ser¬ 
vice-oriented  architecture  (SOA)  governance 
vendor  Actional.  ESB  environments  need  the 
policy-driven  management  provided  by  robust 
IT  governance  tools. 

However,  Sonic-Actional  won’t  be  able  to  com¬ 
pete  for  long  against  the  SOA  platform  vendors  — 
especially  BEA,  IBM,  Microsoft  and  Oracle  —  that 
are  adding  ESB  and  IT  governance  functionality 
to  their  suites  at  a  rapid  clip.  When  the  ESB  market 
matures  by  the  end  of  this  decade,  pure-play  ESB 
vendors  will  find  their  value  proposition  usurped 
by  platform  vendors  that  have  embedded  ESB 
functionality  into  their  offerings. 

Many  SOA  platform  vendors  are  embedding 
ESB  functionality  more  deeply  into  their  environ¬ 
ments.  They  do  so  in  order  to  address  a  broader 
range  of  integration  scenarios,  support  their  own 
integration  software  products  and  position  their 
platforms  as  alternatives  to  third-party  integration 
software.  What,  for  example,  is  Microsoft’s  Win¬ 
dows  Communication  Foundation  (WCF)  if  not 


an  attempt  to  push  ESB  functionality  more  deeply 
into  Windows? 

In  the  next  two  to  three  years,  the  ESB  wave  may 
give  some  platform  vendors  an  advantage  over 
their  direct  competitors.  When  Microsoft  delivers 
commercial  WCF  and  Windows  Workflow 
Foundation  (WWF)  functionality  in  Vista  and 
Longhorn,  the  company  will  be  able  to  position 
its  server  and  client  platforms  as  ESB-enabled  out 
of  the  box.  Microsoft  also  has  committed  to  run¬ 
ning  WCF  on  pre-Longhorn  Windows  platforms 
—  Windows  XP  and  Windows  Server  2003  — 

The  ESB  market  is  heating 
up  but  possibly  also 
melting  down. 

which  will  further  strengthen  its  ESB  and  SOA 
story. 

Over  the  next  several  years,  platform  vendors 
that  fail  to  address  ESB  functionality  in  their  road 
maps  will  marginalize  themselves  out  of  the  SOA 
market.  Minor  platform  vendors  won’t  be  able  to 
survive  in  a  market  that  eventually  will  be  domi¬ 
nated  by  SOA  platforms.  At  the  very  least,  all  plat¬ 
form  vendors  will  need  to  implement  WS  Reliable 
Messaging  in  their  architectures  in  order  to 
enable  reliable,  guaranteed,  once-only  delivery  of 
Simple  Object  Access  Protocol  (SOAP)  messages 
over  Web  services  environments. 

By  the  end  of  this  decade,  ESB  functionality  will 
be  common-denominator  functionality  imple¬ 


mented  on  all  platforms,  leveraging  the  industry’s 
common  denominator  interoperability  stack:  the 
WS-*  stack.  As  ESB  functionality  becomes  ubiqui¬ 
tous  in  application  platforms,  pure-play  ESB  mid¬ 
dleware  vendors  will  find  the  going  tough.Today’s 
ESB  middleware  market  segment  will  fade  away, 
absorbed  into  the  SOA  platforms  that  will  domi¬ 
nate  all  distributed  environments.  In  order  for 
these  SOA  platform  vendors  to  distinguish  their 
commoditized  ESB  features,  they’ll  have  to  keep 
evolving  up  the  functionality  stack,  adding  Web 
services  management  (WSM),  dynamic  content- 
based  routing,  distributed  transactions  and  other 
advanced  features. 

As  regards  WSM  functionality  there's  little  of 
that  in  today’s  ESB  market  —  that’s  why  the  merg¬ 
er  of  Sonic  (the  ESB  pioneer)  and  Actional  tone 
of  the  WSM  pioneers)  is  so  significant  •.  T  •  '•  en- 
dors  will  layer  WSM  functionality  on  ih.  r  prod¬ 
uct  architectures  in  the  coming  year  likely 
that  other  WSM  pioneers,  such  as  Amberftaint, 
will  find  ESB  suitors.  Another  likely  dew  iopment 
is  for  network  appliance  vendors  — :  h  Cast 
Iron  Systems,  Cisco  Systems,  F5  Nctw  ■  and 
Solace  Systems  —  to  reposition  their  arts  as 
high-performance  ESB  message  ;•  ing 
nodes. 

Kobielus  is  a  senior  technical  system  ■.  '■■■yst  at 
Exostar,  a  business-to-business  traduce  cage 

serving  the  aerospace  and  defense  ind..  v. r  .  can 
be  reached  at  (703)  340-8134  or  James. j:  :  js@ 
hotmail.com. 


42  •  www.networkworld.com  •  2.13.06 


Two  experts  debate  whether  outsourced  security  services  are  better  than  CPE-based  systems. 


Is  ‘security  in  the  cloud' 
the  way  to  go? 


Yes 

Brad  Miller 

Perimeter  Internetworking 


No 

Bruce  Schneier 

Counterpane 


Managed  customer  premises  equipment  represents  the  old  way  of  providing 
managed  security  services.  This  is  evidenced  by  several  factors,  including  the 
failure  of  most  managed  security-service  providers  to  achieve  commercial  suc¬ 
cess,  despite  the  fact  that  large,  well-funded  companies  own  many  of  them. 

Managed  CPE  addresses  only  a  small  part  of  a  large  problem:  the  labor  required  to 
monitor  devices.  The  larger  problem  is  the  ability  to  keep  up  with  rapidly  changing 
threats  in  terms  of  cost  and  speed. The  security  world  has  become  complex,  growing 
beyond  firewalls  and  intrusion-detection  systems  (IDS)  — the  primary  services  of  man¬ 
aged  CPE  companies.Today  there  are  hundreds  of  security  technologies  that  solve  var¬ 
ied  problems,  and  new  solutions  are  introduced  daily  to  solve  problems  that  have  not 
yet  been  discovered.  As  such,  the  real  problem  of  security  is  the  cycle  of  discovering 
new  problems, evaluating  new  products  and  vendors, performing  the  R&D  to  select  the 
right  product,  and  purchasing  this  product  and  integrating  it  with  all  of  the  other  secu¬ 
rity  technologies.  Managing  the  technology  after  the  fact  is  an  important  but  small  part 
of  the  whole  puzzle.  Most  companies  remain  insecure,  not  because  they  lack  great 
technology  but  because  they  lack  the  time  and  money  to  deploy  it. 

“Security  in  the  cloud”  is  a  managed  security  service  that  redirects  traffic  through  a 
central  security  platform,  thus  stopping  bad  traffic  before  it  gets  to  the  client.lt  provides 
a  fully  designed,  built  and  deployed  suite  of  security  services  that  can  be  subscribed  to 
on  demand.  By  accessing  a  centralized  platform  or  security  utility,  clients  can  leverage 
dozens  of  security  technologies  without  delay  and  more  economically  than  they  could 
on  their  own. The  economic  efficiencies  gained  by  one  large  provider  serving  many 
clients,  and  the  speed  to  market  in  terms  of  incorporating  new  technologies,  are  criti¬ 
cal  to  a  company’s  ability  to  achieve  real  security  With  security  in  the  cloud,  clients  get 
the  benefit  of  more  security  technologies  faster  and  less  expensively 
In  addition  to  improved  economics  and  speed  of  deployment,  providers  of  security- 
in-the-cloud  technology  can  offer  products  that  are  integrated  at  levels  not  previously 
available.  An  example  of  this  is  IDSs  and  intrusion-prevention  systems  that  take  anti¬ 
virus  signatures  into  account  when  blocking  potentially  offensive  traffic.  Tightly  inte¬ 
grated  deployment  of  diverse  security  technologies  —  the  Holy  Grail  of  the  industry  — 
remains  largely  elusive.  Security-in-the-cloud  service  providers  can  rationalize  these 
integration  projects  in  a  way  that  is  impossible  for  most  companies. 

The  bottom  line  is  that  the  superior  protection,  economics  and 
speed  of  deployment  of  security  in  the  cloud  will  further  marginalize 
CPE-based  managed  security.  Large  carriers  will  embrace  security  in 
ihe  cloud  and  will  obviate  the  need  for  CPE  systems.  Traditional 
fv’SSPs  will  be  better  served  if  they  accept  this  reality  and  partner  with 
large  carriers  to  capitalize  on  this  undeniable  movement. 

Miller  is  CEO  of  Perimeter  Internetworking.  He  can  be  reached  at  brad 
mil ler@perimeterco.com.  Andrew  Greenawalt  (agreenawalt@perimeter 
corn ),  founder  and  CTO  of  Perimeter  Internetworking,  also  contributed 
to  this  column. 


One  of  the  basic  philosophies  of  security  is  defense  in-depth:  overlapping  systems 
designed  to  provide  security  even  if  one  of  them  fails.  An  example  is  a  firewall 
coupled  with  an  intrusion-detection  system  (IDS).  Defense  in-depth  provides 
security  because  there’s  no  single  point  of  failure  and  no  assumed  single  vector  for 
attacks. 

It  is  for  this  reason  that  a  choice  between  implementing  network  security  in  the  mid¬ 
dle  of  the  network  —  in  the  cloud  —  or  at  the  endpoints  is  a  false  dichotomy  No  sin¬ 
gle  security  system  is  a  panacea,  and  it’s  far  better  to  do  both. 

This  kind  of  layered  security  is  precisely  what  we’re  seeing  develop.  Traditionally, 
security  was  implemented  at  the  endpoints,  because  that’s  what  the  user  controlled. 
An  organization  had  no  choice  but  to  put  its  firewalls,  IDSs  and  anti-virus  software 
inside  its  own  network.  Today  with  the  rise  of  managed  security  services  and  other 
outsourced  network  services,  additional  security  can  be  provided  inside  the  cloud. 

I’m  all  in  favor  of  security  in  the  cloud.  If  we  could  build  a  new  Internet  today  from 
scratch,  we  would  embed  a  lot  of  security  functionality  in  the  cloud.  But  even  that 
wouldn’t  substitute  for  security  at  the  endpoints.  Defense  in-depth  beats  a  single 
point  of  failure,  and  security  in  the  cloud  is  only  part  of  a  layered  approach. 

For  example,  consider  the  various  network-based  e-mail  filtering  services  available. 
They  do  a  great  job  of  filtering  out  spam  and  viruses,  but  it  would  be  folly  to  consid¬ 
er  them  a  substitute  for  anti-virus  security  on  the  desktop.  Many  e-mails  are  internal 
only,  never  entering  the  cloud  at  all. Worse, an  attacker  might  open  up  a  message  gate¬ 
way  inside  the  enterprise’s  infrastructure. Smart  organizations  build  defense  in-depth: 
e-mail  filtering  inside  the  cloud  plus  anti-virus  on  the  desktop. 

The  same  reasoning  applies  to  network-based  firewalls  and  intrusion-prevention 
systems  (IPS).  Security  would  be  vastly  improved  if  the  major  carriers  implemented 
cloud-based  solutions,  but  they’re  no  substitute  for  traditional  firewalls,  IDSs  and  IPSs. 

This  should  not  be  an  either-or  decision.  At  Counterpane,  for  example,  we  offer 
cloud  services  and  more  traditional  network  and  desktop  services.  The  real  trick 
is  making  everything  work  together. 

Security  is  about  technology,  people  and  processes.  Regardless  of  where  your 
security  systems  are,  they’re  not  going  to  work  unless  human  experts  are  paying 
attention.  Real-time  monitoring  and  response  is  what’s  most  impor¬ 
tant;  where  the  equipment  goes  is  secondary. 

Security  is  always  a  trade-off.  Budgets  are  limited  and  economic 
considerations  regularly  trump  security  concerns.Traditional  security 
products  and  services  are  centered  on  the  internal  network,  because 
that’s  the  target  of  attack.  Compliance  focuses  on  that  for  the  same 
reason. Security  in  the  cloud  is  a  good  addition,  but  it’s  not  a  replace¬ 
ment  for  more  traditional  network  and  desktop  security. 

Schneier  is  CTO  of  Counterpane  Internet  Security.  You  can  read  more  of 
his  security  writing  at  www.schneier.com. 


nww.com 

Have  your  say 

Log  on  to  Network  World  to  voice  your 
opinion.  Face-off  authors  Brad  Miller  and 
Bruce  Schneier  will  add  their  thoughts  to 
the  discussion. 

DocFtnder:  2122 


he  application  is  dead,  according  to 
the  pundits.  That  expensive,  inflexible, 
monolithic  enterprise  app  just  doesn’t  cut 
it  in  today’s  real-time,  on-demand,  always- 
connected,  Webified  world.  But  what 
takes  its  place? 

In  this  package  of  stories,  industry  thought  leaders 
share  their  vision  of  the  future  of  software,  as  they 
describe  the  new  ways  in  which  applications  will  be 
written;  sold,  deployed  and  managed. 


•  Charles  Stack,  president  of  I'lasl i line,  says  traditional  a 

anchor  that  weigh  companies  down.  Service-oriented  arch) 
(SOA)  will  replace  old  apps  and  will  help  companies  alignT 
ness.  Page  44.  • 

•  Rick  Faulk,  president  of  WebEx  Small  Business,  argues,™ 
of  the  future  is  on-demand  software  that  is  available  anyth#!*! 
to  employees,  customers  and  business  partners.  Page  4 

•  Sun  CT( )  Greg  Papadopoulos  says  open  source  and 

service  are  the  two  big  trends.  Eventually,  they  will  morph  in 
calls  open  services.  Page  4(>.  '  •  ^ 

•  Consultant  Josh  Grecnhauni  takes  a  hard  look  at  the  r£$| 
between  software  vendors  and  enterprise  customers  and  bej 
SOA  will  shift  the  balance  of  power  to  customers.  Page  1<S. 

•  Analyst  Toni  Kucharvy  lays  out  tin*  challenges  that  indi|j 
ware  vendors  (ISV)  face.  Change  is  inevitable,  uncertainties 
there  is  opportunity  for  vendors  that  remain  agile  and  flexibl 


44  •  www.networkworld.com  •  2.13.06 


The  future  is: 

Servic&oriented  architecture 


BY  CHARLES  STACK 

he  enterprise  application  as 
we  know  it  is  dead.  Zombie¬ 
like,  it  still  lumbers  along,  life¬ 
like  enough  to  fool  many  IT 
professionals.  But,  make  no  mistake 
—  it  is  dead. 

In  today’s  climate  of  ever-accelerating  change,  big,  one- 
size-fits-all  applications  do  not  help  organizations  do 
business  more  effectively.  The  monolithic  applications 
that  prevent  companies  from  adapting  to  new  business 
challenges  are  giving  way  to  a  matrix  of  services  called 
the  service-oriented  architecture  (SOA). 

The  complexity  and  rigidity  of  traditional  systems 
results  in  the  too-familiar  misalignment  between  IT  and 
the  business.The  IT  side  is  bogged  down  with  the  burden 
of  maintaining  20th-century  systems  and  processes  that 
have  become  too  bloated  and  inefficient  to  deal  with  the 


demands  imposed  by  the  21st-century  business  environ¬ 
ment.  In  many  organizations,  that  maintenance  burden 
approaches  80%  of  the  total  IT  budget. 

This  is  not  news  to  IT  professionals,  who  for  years  have 
put  up  with  these  headaches,  because  they  had  no  alter¬ 
native  to  automate  critical  business  processes.  Inflexible 
automation  was  better  than  no  automation  at  all  —  until 
now.  Enterprises  can  adopt  an  SOA  and  create  applica¬ 
tions  composed  of  modular  software  components  that 
are  interconnected  through  well-defined,  open  Web  ser¬ 
vice  standards. 

Just  as  companies  moved  from  mainframe  to  client- 
server,  so  must  IT  move  from  monolithic  applications  to  a 
matrix  of  loosely  coupled  Web  services  that  enable  the 
composition  and  recomposition  of  business  processes. 

For  example,  checking  an  account  balance  is  a  com¬ 
mon  function  in  banking  applications.  In  a  traditional 
architecture,  each  new  banking  application  would 
include  code  to  check  balances.  In  an  SOA,  “check 
account  balance”  would  live  as  a  Web  service.  Any  appli¬ 
cation  requiring  that  functionality  can  simply  link  to  the 
appropriate  Web  service. 

The  biggest  benefit  of  SOA  is  flexibility.  An  SOA  allows 


the  enterprise  to  quickly  change  its  infrastructure  in 
response  to  changes  in  the  business  environment, 
because  most  of  the  basic  processes  are  already  avail¬ 
able  as  Web  services.  New  functionality  can  be  devel¬ 
oped  as  a  Web  service  and  linked  back  to  other  neces¬ 
sary  business  processes.  The  business  can  adapt  and 
thrive. 

While  the  value  and  inevitability  of  building  SOAs  are 
generally  recognized,  many  organizations  have  failed  to 
revamp  their  approach  to  building  software.  Almost 
everyone  understands  the  importance  of  a  service  archi¬ 
tecture’s  ability  to  deliver  cost  savings  and  agility.  But  we 
are  in  the  frothy  part  of  the  adoption  curve,  where  every¬ 
one  is  adopting  SOA  —  even  those  who  aren’t  entirely 
sure  how  to  do  it. 

A  recent  high-level  SOA  and  Web  services  conference- 
featured  an  SOA  panel  that  consisted  of  four  engineers 
and  a  marketing  professional. 

After  the  engineers  finished  their  detailed  spiels  on 
Web  services,  the  marketing  person  said,  “I’m  not  sure  I 
understood  any  of  that,  but,”  at  which  point  the  audience 
burst  into  applause. 

But  don’t  be  fooled:  SOA  is  not  just  another  overhyped 
IT  trend. Organizations  that  have  deployed  well-managed 
SOAs  are  seeing  enormous  gains  in  cost-savings  and 
infrastructure  flexibility.  Unfortunately,  too  many  IT 
departments  are  building  Web  services  as  though  they 
were  constructing  the  cumbersome,  stand-alone  applica¬ 
tions  whose  demise  they  are  to  oversee. 

These  organizations  must  destroy  development  silos. 
Web  services  are  inherently  interdependent  and  connect 
with  middleware  components,  legacy  systems,  e-business 
applications  and  other  software  assets  in  the  IT  environ¬ 
ment.  Unless  development  teams  communicate  and  col¬ 
laborate  effectively,  an  SOA  will  end  up  increasing  com¬ 
plexity  and  costs. 

Companies  also  must  ensure  that  the  development  of 
Web  services  adheres  to  a  target  architecture. The  failure 
to  focus  on  architecture  results  in  an  architecture  that  is 
largely  crippled,  rather  than  loosely  coupled.  Archi¬ 
tecture  often  lives  in  inert  PowerPoint  or  Word  docu¬ 
ments  that  are  rarely  read.  IT  management  and  develop¬ 
ment  project  leads  must  establish  governance  practices 
and  systems  that  require  project  teams  to  follow  the 
architecture,  adhere  to  standards  and  ensure  that  ser¬ 
vices  are  in  compliance  with  the  SOA. 

Finally,  it  is  critical  to  deploy  a  central  registry/reposito¬ 
ry  that  discovers,  identifies  and  maps  services  for  reuse, 
and  that  understands  the  relationships  between  various 
services.  If  no  repository  is  in  place,  Web  services  and 
other  applications  built  on  the  SOA  will  be  developed  in 
isolation  and  misaligned  with  architecture. 

The  application  as  we  knew  it  is  dead,  and  yesterday’s 
monolithic  IT  infrastructure  is  being  deconstructed  into 
a  dynamic  matrix  of  loosely  coupled  services. The  transi¬ 
tion  to  SOA  will  not  be  easy;  we  must  learn  to  build  and 
manage  this  new  software  in  new  ways. But  the  result  will 
be  the  agile,  on-demand  enterprise. 

Stack  is  the  CEO  of  Rashline,  a  provider  of  SOA  and  soft¬ 
ware  asset  portfolio  management  solutions.  He  can  be 
reached  at  cstack@flashline.com. 


Don’t  be  fooled:  SOA 
is  not  just  another 
overhyped  IT  trend. 
Organizations  that 
have  deployed  well- 
managed  SOAs  are 
seeing  enormous 
gains  in  cost-savings 
and  infrastructu 
flexibility. 


2.13.06  •  www.networkworld.com  9  45 


BY  RICK  FAULK 


The  niture  is: 
On-demand  software 


odays  business  environment 
is  becoming  more  distrib¬ 
uted;  every  day  we  see  the 
need  for  and  acceptance  of 


Businesses  will 
look  for  vendors 
who  can  offer  a 
one-stop  shop 
or  on-demand 
echnology. 


a  dispersed  workplace  —  one 
where  offices,  workers,  partners 
and  customers  are  spread  world¬ 
wide. 

Until  now,  much  of  business  has  been  conduct¬ 
ed  at  the  physical  office;  however,  work  is  quick¬ 
ly  becoming  more  “atomized”  and  distributed 
among  loosely  coupled  global  communities  of 
workers.  As  this  trend  continues,  more  business 
will  happen  on  the  network  outside  the  confines  of 
a  company’s  firewall. 

Tomorrow’s  business  challenge  will  be  how  to  work 
across  dispersed  environments  to  stay  connected  and 
work  seamlessly  with  anyone,  from  anywhere  instanta¬ 
neously.  To  keep  pace  with  the  evolving  workplace, 
software  vendors  will  need  to  be  more  nimble  and  pre¬ 
pared  to  adopt  new  ways  of  delivering  value  to  cus¬ 
tomers. 

As  2005  concluded,  many  in  the  industry  made  predic¬ 
tions  about  the  direction  software  will  be  taking  over  the 
next  few  years.  Trends  such  as  ad-supported  business 
applications,  the  viability  of  on-demand  software  and  the 
potential  demise  of  the  traditional  on-premise 
client/server  delivery  model  all  took  center  stage. 

However,  the  future  of  the  software  market  will  not 
only  be  about  how  software  is  supported  and  deliv¬ 
ered,  but  about  how  it  can  make  critical  information 
more  accessible  and  useable  for  tomorrow’s  knowl¬ 
edge  workers. 

Accessibility  to  critical  business  applications  —  at 
any  time,  anywhere  —  has  been  the  battle  cry  of  on- 
demand  vendors  for  many  years.  On-demand  services 
can  be  accessed  entirely  online,  paid  for  on  a  low 
monthly  basis,  and  require  no  maintenance  or  support. 
Most  importantly,  these  applications  provide  a  common 
framework  to  bring  knowledge  workers  together, 
whether  it’s  a  coworker  in  the  next  cubicle  or  a  partner 
halfway  around  the  world. 

The  on-demand  business  model  is  quickly  gaining 
traction  among  organizations  of  all  sizes.  For  example, 
according  to  IDC’s  recent  report,  “U.S.  Software  On- 
Demand  Delivery  Model  2005-2009  Forecast,"  cus¬ 
tomers  are  becoming  more  comfortable  with  the 
model. The  report  indicates  that, “the  cost-savings  bene¬ 
fits  surrounding  software  delivered  on-demand  have 
resonated  with  the  marketplace  and  customers  are 
now  looking  at  on-demand  delivery  of  software  to  help 
increase  employee  productivity  and  efficiency  within 
customer  organizations.” 

In  addition,  an  earlier  IDC  survey  on  software  as  a  ser¬ 


vice  found  that  nearly  79%  of  businesses  have  or  have 
considered  using  on-demand  applications;  this  clearly 
demonstrates  the  increased  interest  in,  and  viability  of, 
the  on-demand  delivery  model. 

However,  as  businesses  adopt  on-demand  software 
and  realize  the  cost  and  productivity  benefits  it  brings 
to  their  organizations,  there  will  be  a  new  challenge. 
Those  who  begin  to  use  on-demand  software  for  all  of 
their  business  applications  will  become  weary  of  jump¬ 
ing  from  one  application  to  the  other  to  access  the  data 
they  need.  For  example,  a  worker  who  uses  on-demand 
CRM  software,  collaboration  software,  Web  conferenc¬ 
ing  software  and  human-capital-management  software, 
will  find  he  has  to  move  in  and  out  of  different  envi¬ 
ronments  to  perform  different  tasks. 

Accessing  these  applications  from  various  providers 
on  the  Internet  will  become  taxing  on  workers  who 
crave  an  easy  to  use  common  platform,  accessible  by 
anyone,  at  anytime,  to  conduct  all  of  their  business-crit¬ 
ical  operations. 


Although  there  has  been  a  surge  in  on-demand  ven¬ 
dors  in  every  imaginable  market,  consolidation  will  Ire 
the  next  logical  step.  Businesses  will  begin  r  •  look  for 


vendors  who  can  offer  a  one-stop  shop  for  or  demand 
technology  that  can  provide  access  to  their  infonna- 
tion  from  various  information  sources  within  on*3  sim¬ 
ple  framework. 

By  having  a  common  shared  platform,  r  .  .  w’s 
knowledge  workers  can  reach  beyond  the  c  r  of 
their  offices  with  anyone  they  need  to  do  bum •  -th 
—  customers,  partners,  suppliers  —  all  without  r  bar¬ 
riers.  In  the  future,  vendors  with  the  ability  to  a 
full  suite  of  on-demand  services,  on  the  m<  ■  sbie 
network  with  the  greatest  efficiency,  either  !  .  .  Sing 

it  themselves  or  acquiring  and  consolidate.  ■  •  ire 

from  other  on-demand  vendors,  will  be  th;  •  .  ■>  of 
the  on-demand  software  battle. 

Faulk  is  president  ofWebEx  Small  Business  .  .  :.  be 

reached  at  Rick.faulk@webex.com. 


46  •  www.networkworld.com  •  2.13.06 


The  future  is: 

New  kinds  of  communities 


BY  GREG  PAPADOPOULOS 


Anyone  with  at  least  one  eye 
open  has  noticed  two  trends 
—  open  source  software 
and  software  as  a  service  — 
but  is  there  a  connection  and,  if  so, 
where  will  it  take  us? 


Open  source  communities  provide  the  commonly  avail¬ 
able  creative  environment  for  software  developers  to 
share  in  the  building  of  operating  systems,  Web  servers, 
browsers,  desktops,  productivity  suites  —  the  building 
block  for  network  services. 

But  even  if  service  providers  choose  to  use 
open  source  building  blocks,  software  as  a  ser¬ 
vice  is  at  heart  a  much  different  trend.  It’s  not 
about  the  bits.  It’s  about  delivering  the  con¬ 
sequences  of  the  bits. 

An  odd  sort  of  side  effect  here  is  that 
many  of  today’s  biggest  software  com¬ 
panies  aren’t  known  as  software  com¬ 
panies  at  all.  Google,  eBay,  Amazon, 

PayPal  and  Yahoo  are  all  software  com¬ 
panies.  But  we  don’t  buy  bits  from 
them;  we  simply  get  the  results  of  the 
code  they  create. 

Companies  such  as  Google  have  made 
it  well  known  that  they  use  open  source 
technologies  in  their  operations,  so  there 
is  clearly  some  blending  or  merging  of  the 
two  trends.  But  what  comes  next?  What 
comes  after  open  source  and  software  as  a  ser¬ 
vice?  The  answer  should  be  open  services.  But 
that’s  hardly  guaranteed. 

The  great  irony  is  that  Google,  in  many  ways  the 
icon  of  the  new  service  economy,  is  one  of  the  most 
proprietary  software  companies  on  the  planet.  How 
many  people  have  actually  seen  its  code?  Is  Google’s 
search  engine  open  source?  No.  Is  its  software  around 
advertising  and  auctions  open  source?  No.  And  I’m  not 
saying  they  should  be.  But  if  we’re  not  careful  and  we  let 
things  evolve  the  way  they  are, services  will  be  very  pro¬ 
prietary,  even  when  built  on  open  technologies. 


Open  services  means  open  interfaces 

So  how  do  we  collectively  build  services  that  are  trans¬ 
parent  in  their  operation  and  construction  and  let  peo¬ 
ple  access  a  copy  of  them?  That’s  the  next  necessary 
wave  in  software  culture.  Otherwise,  we’re  going  to  end 
>:p  at  a  point  where  everyone  has  labored  to  create  this 
common  infrastructure,  everyone  has  contributed  to  it, 
out  a  particular  set  of  proprietary  concerns  have  taken 
; hat  infrastructure  and  are  generating  profits  off  it  — 
hile  preventing  others  from  competing  with  them. 
How?  By  controlling  the  interfaces  to  the  service. 

To  understand  the  importance  of  interfaces,  imagine 
■  >r  a  moment  what  you  could  do  with  a  patent  on  the 
ticee-pronged  plug.  You  could  corner  the  market  on 


electric  appliances?.  That’s  why  1  believe  it  should  be 
exceedingly  difficult  to  gain  patent  protection  on  an 
interface. 

Competition  in  the  electric-appliances  market  should 
be  based  on  factors  such  as  energy  efficiency,  reliability 
and  cost,  not  the  design  of  the  plug. The  same  principle 
applies  to  software. 

Do  we  want  to  create  healthy  competition  or  new 
monopolies? 

I  would  never  suggest  that  a  maker  of  electric  motors 
shouldn’t  receive  patent  protection  on  a  new  armature, 


you’re  stuck. 

At  the  very  least  we  need  to  recognize  —  and  man¬ 
date  —  that  interfaces  always  be  subject  to  reverse  engi¬ 
neering. 

That’s  the  social  exchange.  If  you  create  a  service  and 
people  become  dependent  on  that  service,  then  others 
can  inspect  your  interfaces  to  create  an  alternative  ser¬ 
vice.  It’s  then  up  to  them  to  make  it  better,  faster, easier,  less 
expensive.That’s  the  way  we’re  going  to  get  the  most  inno¬ 
vation. 


better  magnets  or  improved  control  logic.  But  competi¬ 
tors  should  be  able  to  reverse  engineer  the  plug. 

By  the  same  token,  if  the  world  becomes  dependent  on 
a  set  of  interfaces  into  a  service  you’ve  created,  you 
should  not  be  able  exclude  others  from  building  a  similar 
service  because  of  your  control  over  the  interface. 

Just  as  there  have  always  been  costs  associated  with 
switching  among  traditional  software  vendors,  there  are 
costs  associated  with  switching  services  —  and  interfaces 
are  key  If  they’re  open,  you’ll  be  able  to  shop  around  for 
an  alternative  and  get  a  competitive  price.  Otherwise 


What  comes  after  open 
source  and  software 
as  a  service?  The 
answer  should  be  open 
lervices.  But  that' 
lardly  guarantee! 


New  kinds  of  communities 

We  also  need  new  kinds  of  communi¬ 
ties.  Most  of  today’s  communities  are  built 
around  code.  But  to  create  open  services, 
we  need  more  communities  built  around 
compute  power.  If  you  want  to  do  an  open 
version  of  Google,  for  example,  you  need  to 
have  people  working  collectively  on  an  actu¬ 
al  running  search  engine.  But  how  many  peo¬ 
ple  are  going  to  build  up  the  kind  of  compute 
power  needed  to  crawl  the  Web?  Now  imagine 

what  could  be  done  with  a  community  Web  crawler,  a 
shared  database  of  the  Web,  where  experimental  search 
technologies  could  be  tested. 

1  can  easily  picture  all  kinds  of  Web-based  experi¬ 
ments  being  done  through  peer-to-peer  networks  in 
which  people  share  compute  cycles  on  personal  com¬ 
puters  —  think  SETI@home  but  for  other  purposes  than 
the  search  of  extraterrestrial  intelligence  —  or  through 
a  global  grid  that  sells  CPU  cycles  at  an  affordable 
price. 

Or  maybe  it’s  some  combination  of  the  two.  Maybe 
you  collaborate  on  a  multiplayer  game  on  a  peer-to- 
peer  network,  then  launch  a  commercial  version  on  the 
global  grid  —  renting  the  infrastructure  instead  of 
building  your  own. 

These  are  possibilities  that  Sun  will  be  doing  its  part 
to  stimulate  with  the  Sun  Grid  —  providing  a  place 
where  people  can  go  and  say  not  just,  “Here’s  my  pro¬ 
gram.  Download  it,”  but  rather,“Here’s  my  program  actu¬ 
ally  running.  Go  interact  with  it.  Populate  it  with  addi¬ 
tional  services.  Add  value  and  prosper.” 


Papadopoulos  is  CTO  for  Sun.  He  can  be  reached  at 
greg@sun.com. ' 


enterprise 


expose 


powerful 


i  support 

afford 


contro1  optimize  go 


trust 

© 


informed 


safeguard 

o 

undeteraijned 


.\  a«<?rd  \  O'"'7  : 

undefendable  ~f— 

\  \  \  \  ■  ;  j  •  ,  outdoors  / 

nqeel ;  \  .  .  j  /  ;  /  7  /  integrated  V 

'  fe/  /-4Z,  .•••' ' 


O 


available 

- connectivity 


unstoi 


foundati 


_ Q  spread  out 


enterprise 


start  up 
^journey 


_ opened  , - - " ® 

G."  ' - capable  _ .  -  — 3CCeSS 


-■  f/H 

ant  i  I  \  \  \  \ 


unfastened 


passwords 


identity 


Identity 

Manager 


bjatant 

standardized  / 


/ 

/ 

/ 


,  \  \ 

painless 


subject 


/  t 

complete  j 

candid 


efficient 


multiple 

logins 


f 


ROI 


DEFINE  YOUR  OPEN  ENTERPRISE- 

In  my  open  enterprise,  confidence  flows 
freely  because  information  flows  securely. 

Every  identity,  transaction  and  document  represents  a  possible  security 
risk  for  your  company.  A  risk  that  could  cost  you  millions  in  litigation 
and  overhead  associated  with  data  and  intellectual  capital  theft — 
plus  your  reputation  and  brand  equity.  Security  and  Identity  solutions 
from  Novell®,  the  most  proven  in  the  industry,  centralize  identity 
management,  reducing  the  complexity  and  costs  of  managing  users 
and  access,  all  while  ensuring  regulatory  compliance  for  you. 

There’s  no  better  way  to  secure  your  enterprise.  Or  to  ensure 
that  your  data  is  working  for  you  and  not  against  you. 

Security  and  Identity  solutions  from  Novell. 

This  is  the  way  to  secure  your  open  enterprise. 


Novell 


® 


This  is  your  open  enterprise." 

www.  novel  I .  com/secu  re 


Copyright  ©  2006  Novell.  Inc.  All  Rights  Reserved.  Novell  and  the  Novell  logo  are  registered  trademarks, 
This  is  your  open  enterprise  and  Detine  your  open  enterprise  are  trademarks  ot  Novell,  Inc.  in  the 
United  States  and  other  countries.  All  third-party  trademarks  are  the  property  ol  their  respective  owners 


48  •  www.networkworld.com  •  2.13.06 


The  future  is: 
Services  with  a  smile 


BY  JOSH  GREENBAUM 

it’s  always  tempting  to  talk  about 
the  future  of  enterprise  software 
in  terms  of  technology  But  if  I 
take  a  hard-nosed  look  at  the 
future  of  enterprise  software,  I  see 
something  more  important  than 
mere  technology  as  compelling  as 
technology  is. 

Because  the  most  important  trend  to  hit  the  software 
world  in  the  next  five  years  won’t  be  about  bits  and  bytes, 
but  about  something  that  only  a  lawyer  or  accountant 
could  get  excited  about:  corporate  buyers’  changing  rela¬ 
tionships  to  their  software  vendors. 

The  changing  relationship  between  customer  and  vendor 
will  have  multiple  dimensions,  but  all  with  a  similar  impact: 
total  cost  of  ownership  will  go  down  while  customer 
choice  goes  up.  Customers  will  be  able  to  not  only  choose 
from  an  increasingly  wide  palette  of  functionality  that  can 
be  delivered  at  a  much  lower  cost,  but  they  also  will  be  able 
to  choose  from  a  wider  palette  of  services,  support,  main¬ 
tenance  and  licensing  schemas  that  will  turn  this  into  a 
buyers’  market  that  would  make  Adam  Smith  weep  for  joy 
As  it  turns  out,  there  is  a  little  technology  behind  the  first 
reason  why  the  customer/vendor  relationship  is  about  to 
change  so  dramatically  The  advent  of  service-oriented 
architectures  (SOA)  will  set  the  stage  for  much  of  this 
change.  Once  the  world  of  enterprise  software  is  truly  ser¬ 
vice  enabled,  and  customers  have  well-designed  and  high¬ 
ly  functional  service  architectures  in  place,  software  devel¬ 
opment  and  deployment  will  be  changed  forever. 

Whereas  today  complex  business  processes  have  to  be 
programmed  from  scratch  by  an  army  of  high-priced  con¬ 
sultants  or  bought  as  part  of  a  high-priced  packaged  soft¬ 
ware  suite,  the  world  of  SOAs  will  let  those  processes  be 
assembled,  in  a  highly  customer-specific  manner,  from  a 
Lego-like  set  of  existing  subprocesses  and  services. 
Complex  processes  will  no  longer  be  complex  to  build  and 
maintain,  and  the  mass-customization  of  off-the-shelf  busi¬ 
ness  processes  will  raise  productivity  significantly 
These  service  architectures  will  be  at  the  forefront  of  the 
change  in  the  buyer/seller  relationship.  Software  vendors 
will  go  from  being  high-priced  caterers,  delivering  entire 
ready-to-eat  meals,  to  being  grocery  stores  selling  ingredi¬ 
ents  for  an  increasingly  capable  do-it-yourself  army  of  chefs 
and  cooks.  As  an  ingredient  seller,  the  vendor’s  pricing  will 
reflect  the  fact  that  some  components  are  commodities 
such  as  general  ledger)  and  some  are  highly  specialized 
and  very  expensive  (such  as  invoice  reconciliation  for  the 
retail  supply  chain.) 

Service  and  support  will  change  as  well,  because  no  sin¬ 
gle  vendor  will  necessarily  take  full  responsibility  for  a 
complex  component  application  that  depends  on  services 
ieveloped  and  supported  by  third  parties.  If  your  caterer 
'  ads  over  a  bad  souffle,  you  know  who  to  call.  If  your 


homemade  souffle  fails  to  rise,  you 
can  try  blaming  the  hen  that  laid 
the  eggs,  but  chances  are  it  will 
be  hard  to  figure  out  what  went 
wrong  and  how  it  should  be 
fixed. 

Which  brings  us  to  the 
second  reason  that  the 
relationship  between  cus¬ 
tomer  and  vendor  is 
about  to  change  forever: 
software  as  a  service, 
a.k.a  on-demand  com¬ 
puting  and  outsourcing. 

The  world  of  enterprise 
software  is  bifurcating  into 
two  basic  use  modes: 
strategic,  value-added  func¬ 
tionality  —  the  kind  that  dif¬ 
ferentiates  you  from  your  com¬ 
petition;  and  commodity  func¬ 
tionality  —  the  stuff  everyone  in 
your  industry  uses.  How  software  is 
deployed  will  follow  a  similar  trajecto¬ 
ry:  Commodity  functionality  will  be  out¬ 
sourced,  whereas  value-added  functionality 
will  be  insourced. 

What’s  important  is  that  commodity  function 
ality  may  make  up  a  sizable  chunk  of  the  total 
applications  portfolio.  Most  companies  are  run¬ 
ning  most  of  their  financial  and  human 
resource  applications  like  commodities.  There 
will  be  no  good  reason  to  keep  these  appli¬ 
cations  in-house,  and  lots  of  good  reasons 
to  move  them  out.  Shifting  a  large  per¬ 
cent  of  software  portfolio  to  outsourc¬ 
ing  will  alter  the  vendor/customer 
relationship  even  further.  A  commodi¬ 
ty  portfolio  will  need  no  expensive 
upgrade  path  —  funded  by  a  20%  main¬ 
tenance  fee  —  and  the  vendor’s  involvement 
with  the  customer’s  success  will  be  greatly  diminished. 
Once  again,  vendors  may  find  themselves  selling 
Wonderbread  instead  of  a  rustic  pain  de  campagne. 

Which  brings  us  to  the  final  reason  for  this  radical 
change:  TomorrowNow,  a  services  company  bought  earlier 
this  year  by  SAP  TomorrowNow’s  business  model  is  simple: 
Provide  alternative  services  for  those  companies  whose 
applications  provide  commodity  functionality  and  who  are 
loathe  to  fund  an  unnecessary  upgrade  path.  For  these  cus¬ 
tomers,  TomorrowNow  will  discount  vendor  support  costs 
by  50%  while  still  providing  bug  fixes  and  regulatory 
upgrades.  The  original  vendor  disappears  from  the  rela¬ 
tionship  entirely,  the  customer  gets  a  major  price  break,  and 
the  users  are  left  with  no  change  at  all. 

When  you  add  it  up,  it’s  a  revolution  poised  to  happen, 
albeit  one  that  is  about  as  sexy  as  your  CEO  in  a  gunny 
sack.  Service  architectures  will  not  only  change  how  soft¬ 
ware  is  used,  they  will  fundamentally  change  how  software 
is  sold  and  serviced.This  will  potentially  increase  the  num¬ 
ber  of  smaller,  specialized  vendors  in  a  company’s  applica¬ 
tions  portfolio,  and  as  the  number  of  vendors  grow,  their 


individual  account  control  will  diminish.  Meanwhile,  soft¬ 
ware  as  a  service  will  shift  the  traditional  license  model 
away  from  perpetual  licenses  to  a  pay-as-you-go  model. 
And  for  companies  tired  of  funding  upgrades  they  don’t 
plan  to  use,  service  providers  such  as  TomorrowNow  will 
allow  them  to  disengage  completely  from  their  software 
vendor  with  little  or  no  consequence. 

So  forgive  me  if  the  future  of  software  looks  to  be  more 
about  a  shift  in  relationships  than  a  shift  in  technology. 
Technology  will  always  show  up  to  amaze  and  thrill  us.  But 
technology’s  ability  to  empty  our  pocketbooks  without 
imparting  its  promised  value  is  on  the  decline.  In  its  stead 
will  be  a  more  rational  and  cost-effective  use  of  technolo¬ 
gy  that  will  benefit  everyone,  except  maybe  those  vendors 
that  were  taking  advantage  of  everyone  in  the  first  place. 
And  who  needs  more  of  them  anyway? 

Greenbaum  is  principal  of  Enterprise  Applications 
Consulting  in  Berkeley,  Calif.  He  can  be  reached  at 
josh  @eaconsult.  com. 


ATTEND  THE  INDUSTRY’S  DEFINITIVE  FORUM  FOR  SERVICE-ORIENTED  ARCHITECTURE 

MARCH  16,  2006  HOTEL  NIKKO,  SAN  FRANCISCO 

In  the  fifth  edition  of  its  highly  acclaimed  Executive  Forum  series, 

InfoWorld  deepens  its  coverage  of  the  technical  and  business  ramifica¬ 
tions  to  provide  guests  with  the  roadmap  to  successfully  implement  a 
service-oriented  architecture. 

WHY  IS  SOA  CRITICAL  FOR  MY  ORGANIZATION? 

Service-oriented  architecture  (SOA)  represents  a  momentous  shift  in 
the  relationship  between  business  and  IT,  requiring  significant  changes 
in  resource  allocation  and  new  perspectives  on  planning  and  executing 
IT  initiatives. 


WHO  SHOULD  ATTEND  INFOWORLD'S  SOA  EXECUTIVE  FORUM? 

SOA  Executive  Forum  is  designed  specifically  to  educate  and  connect 
business  executives  and  senior  technologists.  This  conference  is  ideal 
for: 

BUSINESS  EXECUTIVES:  Including  CEOs,  CMOs,  CIOs,  corporate  officers 
and  line  of  business  management 

SENIOR  TECHNOLOGISTS:  Including  CIOs,  CTOs,  VPs  of  technology,  direc¬ 
tors  of  IT/operations,  engineers  and  architects 


www.SOAExecForum.com 

Questions?  Call  415-978-3261 


SAVE  $1 00  BY  REGISTERING  BEFORE  FEB.  24,  2006. 

USE  THE  DISCOUNT  CODE  PANWW  TO  REGISTER  TODAY  AND  SAVE 


ExecutiveForum 


EXECUTIVE  FORUM  KEYNOTE  SPEAKERS 


JEFF  GLEASON 

Director,  IT  Strategies 
Transamerica  Life  Insurance 
Annuity  Products  and  Services 


& 

6L 


& 


*0 


CORNERSTONE  SPONSOR 


bea 


Think  liquid: 


PLATINUM  SPONSORS 


Microsoft 


GOLD  SPONSORS 


Cisco  Systems 


<*;  INFRAVIO 


50  •  www.networkworld.com  •  2.13.06 


The  future  is: 

A  world  of  uncertainties  for  vendors 


BY  TOM  KUCHARVY 

The  application  software 
industry  is  changing  at  a 
faster  rate  than  any  time  in  its 
history  Overall  industry 
growth  is  slowing,  there  are  far  more 
opportunities  for  missteps,  and  the 
risks  of  error  are  higher  than  ever. 

An  independent  software  vendor  (1SV)  looking  to  enter, 
build  or  maintain  a  strong  position  in  today’s  application 
software  market  faces  a  number  of  fundamental  decisions. 
In  addition  to  market-specific  questions,  ISVs  must  assess 
such  broad  issues  as  whether  to: 

•  Enter  a  market  that  many  claim  is  well  into  a  final  con¬ 
solidation  phase. 

•  Develop  an  n-tier  application  that  customers  can 
deploy  in-house,  or  develop  an  Internet-centric,  multitenant 
application  to  be  offered  primarily  as  a  service. 

•  Develop  their  own  application  infrastructures  from  best- 
of-breed  components,  embrace  standard  infrastructure 
stacks  (preintegrated  combinations  of  .Net-,  Java  2  Platform 
Enterprise  Edition-,  Linux  Apache  MySQL  PHP  [LAMP]- 
based  middleware)  or  develop  atop  even  higher-level  hori¬ 
zontal  application  platforms  (such  as  SAP  a  Windows/- 
Office  combination,  the  salesforce.com-hosted  platform). 

•  Continue  the  time-honored  practice  of  pricing  server 
software  per  CPU,  per  server,  per  user  or  under  other  estab¬ 
lished  licensing  models;  move  to  usage-based, subscription 
or  other  innovative  pricing  models  to  accommodate  virtu¬ 
alized  architectures;  or  avoid  this  issue  altogether  by  giving 
software  away  and  charging  for  support. 

•  Open  source  the  application  code,  maintain  it  as  pro¬ 
prietary  or  pursue  any  of  a  number  of  hybrid  models. 

•  Invest  heavily  in  marketing,  or  channel  the  vast  majority 
of  investment  into  engineering  and  rely  on  viral  marketing 
to  generate  adoption. 

About  the  only  certainties  in  an  ISV’s  world  are  that  it 
must  develop  modularly  to  fit  within  the  emerging  world  of 
standards-based  service-oriented  architectures  (SOA),and 
its  applications  must  be  optimized  for  Internet-based 
access  and  service  delivery. 

Beyond  these  givens,  pretty  much  everything  else  is  sur¬ 
rounded  by  uncertainty  Developers  must  make  some  fun¬ 
damental  decisions  about  the  future  IT  industry  and  envi- 
onment  and  the  role  they  want  to  play  in  that  future. 
Although  most  of  these  decisions  must  be  unique  to  the 
particular  1SV,  all  must  begin  with  an  assessment  of  some 
:  ey  industry  trends  and  the  risks  and  rewards  that  different 
ombinations  of  choices  may  entail. 

To  that  end, lets  assess  the  Myth/Reality  Index  for  five  crit- 
:al  assumptions  that  have  the  potential  of  reshaping  the 
pplications  industry,  with  zero  being  total  myth,  and  10 
oeing  absolute  reality 

Assumption  1:  The  application  industry  has  matured. 
More  myth  than  reality.  Although  the  market  for  broad, 
irizontal, client/server  application  software  is  mature  and 


rapidly  consolidating,  the  markets  for  other  types  of  soft¬ 
ware,  such  as  small-to-midsize  business  (SMB)  applica¬ 
tions,  those  developed  specifically  for  delivery  as  a  service 
and  those  that  make  innovative  use  of  open  source  models 
will  remain  robust  and  highly  fragmented.  Myth/Reality 
Index  Rating:  3. 

Assumption  2:  Applications  will  be  built  on  standard 
infrastructure  stacks. 

Absolutely  Although  most  application  developers  believe 
their  needs  are  unique,  ISV  business  executives  will 
increasingly  mandate  that  developers  begin  developing 
business  solutions  atop  higher-level  standard  platforms  — 
initially  infrastructure  stacks.  Myth/Reality  Index  Rating:  9. 

Assumption  3:  Vertical  software  is  the  future. 

More  true  than  not.  A  handful  of  horizontal  application 
platforms  will  emerge  as  big,  high-volume,  de  facto  stan¬ 
dard  application  platforms.However,  there  will  be  thou¬ 
sands  of  opportunities  for  smaller  volume,  vertical  applica¬ 
tions,  especially  those  that  are  built  atop  the  dominant  hor¬ 
izontal  platforms.  The  primary  action  and  innovation  will 
occur  in  vertical  applications,  especially  those  tailored  for 
SMB.  Myth/Reality  Index  Rating:  8. 

Assumption  4:  Software  as  a  service  is  the  future. 

But  not  the  only  future.  Although  software  as  a  service  will 
be  the  most  rapidly  growing  business  model,  most 
application  developers  will  be  better  served  by 
developing  for  a  multisource  delivery  model  —  a 
single  code  base  that  can  be  deployed  in  mul¬ 
tiple  ways,  including  outsourced/software  as 
a  service;  as  a  preconfigured,  internally 
deployed  appliance;  as  a  fully  config¬ 
urable,  in-house  implementation;  or  as  a 
hybrid  service,  with  different  compo¬ 
nents  coming  from  different  sources. 

Myth/Reality  Index  Rating:  6. 

Assumption  5:  Open  source  will 
squeeze  out  proprietary  applications. 

No  way  even  though  open  source 
software  will  play  a  huge  role  at  every 
level  of  the  software  stack.  Inevitable 
trends  in  open  source  business  models 
will  result  in  open  source  being  used 
increasingly  as  an  on  ramp,  rather  than  as  a 
competitor  to  proprietary  software  —  espe¬ 
cially  at  the  application  layer.  But  regardless  of 
how  successful  open  source  applications  are  in 
displacing  proprietary  software,  one  thing  is  certain 
—  proprietary  application  software  business  models  and 
margins  will  never  be  the  same.  Myth/Reality  Index  Rating: 
1. 

Top  trends 

There  are  no  silver  bullets.  No  one  type  of  software,  deliv¬ 
ery  model  or  business  model  will  trump  all  others. 
However,  all  ISVs  must  respond  to  a  handful  of  critical 
trends.  Among  the  most  important  are: 

•  Market  momentum  and  the  primary  focus  of  innovation 
will  shift  from  enterprise  applications  to  those  developed 
primarily  for  SMB,  and  then  extended  to  address  the  needs 
of  large  enterprises. 

•  ISVs  will  increasingly  shift  from  developing  custom 
infrastructure  foundations  for  their  applications,  to 


developing  their  own  business  logic  atop  increasingly  com¬ 
prehensive,  and  ever  higher-level  application  foundation 
platforms. 

•  The  application  market  will  segment  into  two  primary 
categories,  a  handful  of  de  facto  standard  horizontal  appli¬ 
cation  “platforms,”  and  a  huge  proliferation  of  increasingly 
targeted  specialized  and  vertical  applications. 

•  Applications  developed  only  for  in-house  deployment 
will  all  but  disappear. 

•  Open  source  will  primarily  become  an  on-ramp  to, 
rather  than  a  replacement  for,  proprietary  applications. 

•  ISVs  that  stick  to  obsolete  license  models  will  see  their 
models  ravaged  by  competitors  who  proactively  imple¬ 
ment  customer-friendly  utilization-based  pricing  models. 

In  short,  application  ISVs  have  their  work  cut  out  for  them. 
The  future  isn’t  as  bleak  as  some  would  suggest  for  these 
vendors  —  at  least  not  for  those  willing  and  able  to  play  by 
a  new  set  of  rules. 

Kucharuy  is  president  and  research  director  at  Summit 
Strategies  in  Boston.  He  can  be  reached  at  TKucharvy@sum 
mitstrat.com. 


2.13.06  •  www.networkworld.com  *  51 


E-MAIL  NEWSLETTER  SHOWCASE:  STORAGE  IN  THE  ENTERPRISE 

No  funnies  in  recent  edition  of  Boston  Globe 


BY  MIKE  KARP 

On  Feb.  1,  subscribers  of  The 
Boston  Globe  and  the  Worcester 
Telegram  and  Gazette  (both 
owned  by  the  New  York  Times  — 
the  Globe  and  the  T&G  share  data 
resources)  awoke  to  the  news  that 
credit  and  bankcard  numbers  of 
as  many  as  240,000  subscribers 
had  been  distributed,  inadvertent¬ 
ly,  to  subscribers  on  Jan.  29  (see 
www.nww.com,  DocFinder:  2126). 
It  seems  the  Worcester  paper  had 
wrapped  bundles  of  their  Sunday 
edition  in  printouts  of  —  well, you 
can  guess  what  information  was 
on  those  printouts. 

As  I  sat  down  to  coffee  that 
Sunday  morning,  Doonesbury 
and  a  bagel,  hundreds  of  thou¬ 
sands  of  other  people  in  New 
England  sat  down  to  coffee, 
Doonesbury  a  bagel  and  a  print¬ 
out  of  credit  card  information  on 
Mike  Karp  and  a  quarter  million 
of  his  closest  friends. 

The  good  news  is  that  The  Globe 
acted  quickly  once  it  realized  its 
error,  alerting  the  public  and  cred¬ 
it  companies  involved,  giving  the 
story  page  one  coverage  on 
Wednesday  and  setting  up  a  hot¬ 
line  for  its  subscribers.  This  is  a 
marked  contrast  to  what  hap¬ 
pened  last  year  with  incidences  of 
data  security  lapses  at  other  firms, 
where  appropriate  notifications 
lagged  the  events  by  months. 

The  bad  news  is  because  of  its 
poor  understanding  of  data  secu¬ 
rity,  a  Globe  spokesman  stated:" We 
are  doing  everything  we  possibly 
can.” 

Are  they  really?  The  Globe  is  only 
doing  those  things  it  can  think  of. 
Fixing  individual  problems  is  a 
good  thing,  but  adopting  data 
security  policies  that  pre-empt 
such  problems  is  better. 

If  your  responsibilities  include 
data  storage,  remember  that  these 
days  you  are  likely  to  be  held  re¬ 
sponsible  not  only  for  data  avail¬ 
ability  but  for  data  security  as  well. 
This  means  that  data  that  is  out  of 
sight  cannot  be  out  of  mind. 


nww.com 

In  your  in-box 

Sign  up  for  this  or  any  of  Network 
World's  many  other  e-mail  newsletters. 

DocFinder:  1002 


I  discuss  this  topic  frequently 
with  my  colleague  Scott,  who 
heads  up  the  security  practice  at 
Enterprise  Management  Asso¬ 
ciates,  and  we  often  shake  our 
heads  at  some  of  the  simplest 


(and  often  cost-free)  precautions 
that  managers  fail  to  take. 

Don’t  just  assume  that  off-site 
data,  including  data  that  lies  at 
the  end  of  a  virtualized  stub,  is 
not  still  within  your  keeping. 


Come  up  with  policies  to  guard 
the  tapes,  and  the  printouts  too. 
The  Boston  Globe  now  only 
prints  the  last  four  digits  of  cus¬ 
tomers’  credit  cards.  This  might 
be  a  good  time  to  talk  with  some 


of  your  associates. 

Karp  is  senior  analyst  with  En¬ 
terprise  Management  Associates. 
He  can  be  reached  at  mkaip@ 
enterprisemanagement.  com. 


N-TRON  gives 
you  more  ways 
to  monitor  your 
Industrial 
Ethernet 
network 


Introducing  N-TRON’s  9000  Series  GbE 
Industrial  Switch  with  Advanced  Monitoring 
to  bridge  the  gap  between  IT  and  the  Factory 

N-TRON®  manufactures  a  unique  product  that 
bridges  the  domain  between  IT  and  the  Factory 
as  far  as  network  monitoring  software  needs  are 
concerned.  Our  9000  Series  provides  plug-and- 
play  SNMP  and  Web  Browser  monitoring  for  IT, 
and  fully  compliant  OPC/HMI  monitoring  for  the 
Factory,  all  in  a  ruggedized  steel  enclosure  that  is 
capable  of  withstanding  rigorous  environmental 
conditions. 


•  Hardened  Environmental  Specifications 

•  Extended  Temperature,  Shock, 
Vibration,  and  High  Noise  Protection 

•  High  MTBF>1M  Hours 

•  Redundant  Power  Inputs 

•  High  Availability 

•  Plug-and-Play  Advanced  Monitoring 

•  Full  SNMP  and  Web  Browsing  for  IT 

•  Full  OPC  Compliance  for  the  Factory 

•  Four  Slot  Mix  and  Match  Modular  Switch 

•  Six  Port  10/IOOBaseTX  Modules 

•  Two  or  Four  Port  100BaseFX  Modules 

•  Two  Optional  Gigabit  Fiber  Ports 

•  Standard  Managed  Switch  Features 

•  IGMP,  Link  Aggregation,  Port  Control, 
Port  Mirroring,  IEEE  802.1  D, 

802.1  p  QoS,  802.3,  802.3u,  802.3x; 
802.1w  RSTP,  802.1  Q  VLAN,  SNMP 
and  Web  Browsing 


THE  INDUSTRIAL  NETWORK  COMPANY 


Visit  us  on  the  web  @  www.n-tron.com  or  call  (251} ,  i  > 


52  •  www.networkworld.com  •  2.13.06 


MANAGEMENT  STRATEGIES 

»  CAREER  DEVELOPMENT  S  PROJECT  MANAGEMENT  it  BUSINESS  JUSTIFICATION 

How  to  make  the  most  of  your  IT  budget 

Six  tips  from  nonprofits  that  squeeze  everything  they  can  from  frugal  funding. 


BY  CAROLYN  DUFFY  MARSAN 

Few  organizations  have  to  pinch  pennies  more  than  nonprofits,  which 
depend  on  charitable  giving  and  grants  for  their  funding.  We  asked  IT 
executives  from  three  well-known  nonprofits  to  share  their  creative 
ideas  for  getting  the  most  mileage  from  their  IT  budgets.  IT  leaders  in  all 
industries  can  learn  from  these  techniques. 


1.  Consolidate  servers. 

When  Dennis  Shaw  joined  the  Smithsonian  Institution 
in  Washington,  D.C.,  in  2000  as  its  first  CIO,  the  museum 
group  had  149  file,  print,  e-mail  and  directory  servers, 
connected  to  80  LANs.  Some  were  so  old  that  they  used 
386  processors.  Shaw  came  up  with  a  two-step  plan  for 
standardizing  on  NetWare  and  reducing  the  number  of 
servers  to  76,  which  were  then  clustered  to  eliminate 
points  of  failure.  This  server  consolidation,  which  took 
more  than  three  years,  has  improved  availability  and  reli¬ 
ability  while  also  reducing  costs.The  savings  are  in  cost- 
avoidances  related  to  maintaining  and  replacing 
servers,”  Shaw  says.  “We  saved  money  on  hardware  and 
software  licenses,  too.” 

Additional  savings 
came  from  eliminating  a 
third  shift  of  IT  workers 
and  reducing  the  second 
shift  to  one  person.  With 
newer,  more  reliable  servers, 

Shaw  can  meet  his  service 
commitments  with  fewer 
people.  “During  normal 
business  hours,  we  are  pro¬ 
viding  99.998%  availability’ 
he  says. 

2.  Don't  delay  equipment 
upgrades. 

Jim  Thie  was  hired  as  Habitat 
for  Humanity’s  first  CIO  in  2005  to 
help  bring  standard  business  practices 
to  this  Christian  organization  in  Americus.Ga., 
that  builds  homes  for  the  poor. 

That’s  one  reason  Thie  is  sticking  with  standard  equip¬ 
ment  refresh  rates:  Laptops  are  replaced  every  three 
/ears,  and  desktops  and  servers  are  replaced  every  four 
.ears.  “Just  because  we’re  nonprofit  doesn’t  mean  that 
we  have  less  computing  needs  or  needs  for  power,”  he 
ays.  “Constant  tech  refresh  allows  us  to  keep  up  with 
emand.”  Stretching  out  the  technology  refresh  cycle 
nves  up  an  organization’s  maintenance  costs  and 
'educes  reliability, Thie  says. 


3.  Replace  old  phone  systems  with  VoIP. 

The  Smithsonian  once  had  a  hodgepodge  of  telephone 
systems,  including  Centrex,  PBX  and  old-fashioned  key 
systems. Verizon  notified  Shaw  that  it  refused  to  maintain 
70%  of  the  organization’s  telephone  systems, because  they 
were  too  old.  In  2002,  he  embarked  on  a  VoIP  project  and 
selected  Cisco  IP  PBXs  and  phones. 

‘At  the  time,  Cisco  was  the  most  mature  of  the  VoIP  prod¬ 
ucts,”  Shaw  says.“But  we  probably  would  have  picked  them 
anyways  because  we  had  Cisco  routers  and  switches.  Our 
backbone  network  is  all  Cisco.”  By  migrating  to  VoIP  the 
Smithsonian  has  reduced  the  annual  cost 
of  its  voice  services  by  $2.3  mil¬ 
lion  per  year  —  so  far. 
When  the  VoIP  systems 
are  fully  implemented 
later  this  year,  the  annu¬ 
al  savings  will  rise  to 
more  than  $3  million  per 
year.  “What  really  swung 
the  decision  to  VoIP  was 
the  cost  of  the  cable 
plant,”  Shaw  says.  “We’d 
^already  made  that  investment 
our  data  network,  but  our  tele¬ 
phone  cabling  was  old.  In  the 
National  Museum  of 
Natural  History  the  tele¬ 
phone  cables  were  over 
50  years  old.  The  eco¬ 
nomics  clearly  indicated 
we  should  go  to  VoIP’ 

4.  Consider  bringing  key  functions  in-house. 

Mark  Donatelli,  network  administrator  for  The  Joffrey 
Ballet  in  Chicago,  used  the  call-handling  features  of  a  new 
VoIP  deployment  to  bring  telemarketing  and  fundraising 
functions  in-house. 

“We  are  providing  better  call  handling  in  terms  of  direct¬ 
ing  people  to  automated  attendants,”  Donatelli  says.Tewer 
subscribers  are  lost,  and  that’s  important  because  sub¬ 
scribers  are  the  lifeblood  of  this  organization.” 

Because  its  ticketing  and  donation  software  are  inte¬ 


grated,  The  Joffrey  also  provides  better  service  to  its  sub- 
scribers.“We  can  pull  up  a  record  and  see  that  a  subscriber 
has  given  certain  monetary  gifts,  so  we  can  give  them  a  cer¬ 
tain  level  of  service,  such  as  discounts  or  upgrades  on  tick¬ 
ets,”  he  says.“We  can  make  them  feel  connected  to  the  orga¬ 
nization  so  they  are  more  inclined  to  continue  helping  us.” 

He  also  saved  money  by  bringing  e-mail  and  Web  site 
hosting  in-house  instead  of  continuing  to  use  SBC,  noting 
that  he  got  a  discount  on  Exchange  licenses.  He  recom¬ 
mends  this  for  smaller  organizations. 

5.  Manage  your  service  contracts. 

Thie  has  saved  Habitat  for  Humanity  $100,000  in  the  last 
year  by  improving  IT  contract  management,  particularly  for 
telephone  services.  He  says  he  hopes  to  double  this  amount 
of  savings  next  year.“There  are  big  savings  that  can  be  found 
in  vendor  management  for  recurring  costs, ’’Thie  says. 

Before  Thie  arrived  at  Habitat  for  Humanity  the  organiza¬ 
tion  paid  its  telephone  bills  without  analyzing  them.  Thie 
double  checks  bills  for  accuracy  and  looks  for  ways  to  cut 
costs  by  collapsing  lines  and  renegotiating  rates.'T  took  one 
of  my  vendors  for  conference  calling  down  from  10  cents 
per  minute  to  5  cents  per  minute,”  Thie  says.  “It’s  practices 
like  that  from  the  corporate  world  that  I  am  applying  at 
Habitat  for  Humanity’ 

Thie  says  all  CIOs  should  review  their  IT  contracts  and 
try  to  renegotiate  rates  even  if  the  contracts  are  not  due 
for  renewal. “If  you  know  there  is  better  pricing  out  there, 
push  to  get  your  rates  lowered,”  he  says.“All  of  these  com¬ 
panies  will  reup  the  contracts,  especially  telephone  ser¬ 
vice  providers.” 

6.  Form  partnerships  with  your  vendors. 

If  your  company  is  a  well-known  organization,  you  may 
be  able  to  get  discounts  on  equipment  or  services  by  agree¬ 
ing  to  be  a  case  study  or  reference  customer.  Donatelli  got 
a  great  deal  on  the  dance  company’s  new  VoIP  system  by 
partnering  with  Avaya  for  its  Compact  Contact  Center. 

In  return  for  wholesale  prices  on  telephones  and  no 
labor  fees,  The  Joffrey  allows  Avaya  to  refer  to  it  as  a  cus¬ 
tomer  in  the  vendor’s  advertisements.He  purchased  an  IP 
PBX,  server,  software  and  65  IP  phones  from  Avaya  for 
about  $16,000,  noting  that  that  price  was  60%  to  70%  of 
competing  vendors’  prices.  ■ 


nww.com 

Six  more  money-saving  tips 

Learn  what  IT  leaders  from  Habitat  for  Humanity,  the  Joffrey  Ballet  and 
the  Smithsonian  Institution  do  to  run  strong  yet  lean  organizations. 

DocFinder:  2121 


53 


Hitting  a  wall  with  your  current  sniffer? 


Break  through  with  Observer  1 1 .  Now  with  enterprise  strength  VoIP  analysis.  New  features  include  an  enhanced 
VoIP  Expert,  Quality  Scoring,  Call  Detail  Records,  MultiHop  Analysis,  and  64-bit  Windows  support.  It's  time  to  reset  your  analyzer. 


IKSTRUMENTS 


Wired  to  wireless.  LAN  to  WAN.  One  network  -  complete  control. 


US  &  Canada  UK  &  Europe 

toll  free  800.526.5958  +44  (0)  1959  569880 

www.networkinstruments.com/analyze 


^VoIP’s 


enhanced  VoIP  support 


OBSE 


nUbfc  Ub 

ROSE  EUROPE 
ROSE  ASIA 
ROSE  AUSTRALIA 


Zbl  SJo  /b/o 
+  44  (0)  1264  850574 
+65  6324  2322 
+  617  3388  1540 


ELECTRON 


SERV  RS  WIT 
FROM/ 


N  YOUR  REACH 


NAGEMENT  SOLUTIONS 


LOCAL  OR  REMOTE  SERVER 


UltraMatrix™ 

E-series 


UltraMatrix™ 

Remote 


■  MATRIX  KVM  SWITCH  WITH 

INTEGRATED  REMOTE  ACCESS  OVER  IP 


■  PROFESSIONAL  MULTI-USER  KVM  SWITCH 
2  -  4  KVM  STATIONS  TO  1,000s  OF  COMPUTERS 


KVM  SWITCH 


KVM  OVER  IP 


System-wide  connectivity  over  IP  worldwide  and  locally 
Connects  1,000  computers  to  up  to  256  user  stations 
Supports  PC,  Sun,  Apple,  USB,  UNIX,  serial  devices 
High  quality  video  up  to  1280  x  1024 
Secure  encrypted  operation 

View  real-time  video  from  4  computer  connections  with 
quad-screen  mode 


PC  or  multi-platform  (  PC/Unix,  Sun,  Apple,  others}1* 
On-screen  menu  informs  you' of  connection  status  bfel 
in  an  expanded  system  M 

Powerful,  expandable,  low  cost  .  ■  ' 

No  need  to  power  down  most  servers  to  install  .  . ;  ;4j 
Security  features  prevent  unauthorized  access  ‘A 

Free  lifetime  upgrade  of  firmware  ’  /-'m 

Video  resolution  up  to  1600  x  1280  '  /  ' 

Available  in  several  models  ■■ 

Easy  to  expand  "? 


The  UltraMatrix  E-Series  represents  the  latest  in  KVM  matfix  switch  technology',  at  ai 
affordable  price.  The  E-Series  allows  you  to  connect  up  to  256  user  stations  to  as  mi 
1,000  computers.  The  UltraMatrix  E-Series  is  available  in  several  sizes:  2x4,  2x8,  2*5 
4x4,  4x8,  4x16,  1x8,  and  1x16  in  either  PC  or  multi-  platform.  .A 


The  UltraMatrix  Remote  represents  the  next  generation  in  KVM  switches  with  IP  access.  It 
provides  a  comprehensive  solution  for  remote  server  access  over  IP  and  local  as  well. 


■  KVM  RACK  DRAWERS  WITH  KVM  SWITCH  OPTION 


RackViews  offer  the  latest,  most  efficient  way  to  organize  and  streamline  your 
server  rooms  and  multiple  computers. 

The  RackView  is  a  rack  mountable  KVM  console  neatly  fitted  in  a  compact  pull-out 
drawer.  This  easy-glide  KVM  drawer  contains  a  high-resolution  TFT/LCD  monitor,  a 
tactile  keyboard,  and  a  high-resolution  touchpad  or  optical  mouse. 


XtendVue 

Vertical  Rack  mountable  LCD 
With  Built-in  KVM  Extender 


RackView 

Fold-Forward 


RackView 

Fold-Back 


RackView 
LCD  Monitor 


2/13/06  MARKETPLACE 


MARKETPLACE  w* 


5 


Automate  Any  Environment 

Apcon  Intellapatch™  delivers  solutions  that  reduce  costs 
for  enterprise  and  test  lab  environments 


Enterprise: 

•  Reduce  packet  analyzer 
and  monitoring  costs 

•  Centrally  control  and 
distribute  packet  analyzers 

•  Enable  100%  network  visibility 

•  Remotely  control 
physical  connectivity 
of  monitoring  device 


IntellaPatch™ 

hysical  Layer  Switches 


For  the  full  IntellaPatch  story,  click  www.apcon.com  or  call  1.800.624.6808. 


Test  Labs: 

•  Automate  networking  and 
software  test  labs 

•  Instantly  reconfigure  test  lab 
topologies 

•  Decrease  testing  time  and  cost 

•  Decrease  product  time 
to  market 


U  Apcon 

Solutions  for  Networks 


images 


Bottom  line:  dtSearch  manages  a  terabyte  of  text  in  a  single  index 
and  returns  results  in  less  than  a  second”  —  Inf  eWorld 

♦  over  two  dozen  indexed,  unindexed,  fielded  data  and  full-text  search  options 

♦  highlights  hits  in  HTML,  XML  and  PDF,  while  displaying  links,  formatting  and 

♦  converts  other  file  types  (word  processor,  database,  spreadsheet,  email  and 
attachments,  ZIP,  Unicode,  etc.)  to  HTML  for  display  with  highlighted  hits 

♦  Spider  supports  static  and  dynamic  Web  content,  with  WYSWYG  hit-highlighting 

♦  optional  API  for  C++,  .NET,  Java,  SQL,  etc.  Ask  about  new  .NET  Spider  API 


dtSearch  vs.  the  competition: 
“dtSearch  easily  overpowered  the 
document  indexing  and  searching 
abilities  of  other  solutions,  especially 
against  large  volumes  of  documents” 

Reliability:  “dtSearch  got  the  highest 
marks  from  our  systems  engineering 
folks  that  I've  ever  heard  of” 

Results:  “customer  response  has  been 
phenomenal” 

For  hundreds  more  reviews  and  developer 
case  studies,  see  www.dtsearch.com 

Contact  dtSearch  for  fully-functional 
evaluations 


‘For  combing  through  large  amounts  of 
data,  dtSearch  ...  leads  the  market” 

—  Network  Computing 

‘Blindingly  fast”  —  Computer  Forensics: 
Incident  Response  Essentials 

‘Super  fast,  super-reliable” 

—  The  Wall  Street  Journal 

‘A  powerful  arsenal  of  search  tools” 

—  The  New  York  Times 

‘Powerful  Web-based  engines”  —  eWeek 
‘Blazing  speeds” 

—  Computer  Reseller  News  Test  Center 

‘The  most  powerful  document  search  tool 
on  the  market”  —  Wired  Magazine 


The  Smart  Choice  for  Text  Retrieval0  since  1991 


Instantly  Search 

Terabytes  ofJext_ 


55 


you 


[Insert  your  photo  here] 


Empower  yourself 
with  one  of^DdU's 
modular  courses. 

Take  a  FREE  course  and  enter  to  win  an 
XM  .Satellite  Radio,  complete  with  a  / 
one-year  paid  sub^ription.  Visit 
www.datacenterumyersity.50th/courses 
and  enter  key  code  ,Atptfrses 


©2006  American  Power  Conversion  Corporation.  Data  Center  University  and  the  Data  CenterLWiversity 
logo  are  trademarks  of  Ap»dfican  PowehConversion  Corporation.  All  trademarks  are  property  of  theinowners. 
132  Fairgrounds  RoatfWest Kingston, hi  02892  USA  APC3C5EP-US  /  \ 


networkTAPs  © 

TAP  Into  Your  Network 

Only  a  TAP  can  provide  a  complete  copy  of  data  from  full-duplex  links  at  line  rate  for 
monitoring  devices.  Without  a  TAP,  a  monitoring  device  may  be  fed  incomplete  and 
misleading  information-creating  false  positives  and  overlooking  network  problems 
that  actually  do  exist.  Visit  www.networkTAPs.com/visibility  today. 


Copper nTAPs 

10/100 . $395 

10/100/1000 . .$99$:....$795 


Copper  to  Optical 
Conversion  nTAPs 

SX  or  LX . $1,495 


V 


J 


Optical  nTAPs 

One-Channel . .$39$  ....$295 

Two-Channel . .$79tf  .-$575 

Three-Channel  ...,$U8$.... $845 


To  learn  more  about  how  nTAPs  can  boost  your  network  visibility,  which  configuration  option 
is  best  for  you,  and  to  check  out  new  pricing  go  to  www.networkTAPs.com/visibility 
or  call  866-GET-nTAP  today.  Free  overnight  delivery* 


FC  C€ 


•Free  overnight  delivery  on  all  U.S.  orders  over  $295  confirmed  before  12  p.m.  Central  Time. 
nTAP  and  all  associated  logos  are  trademarks  or  registered  trademarks  of  Network  Instruments,  llC 


nTAP 


_ 


Don't  neglect 
your  data 
center's  most 
valuable  asset... 

Are  you  so  busy  updating  your  data  center  technologies  that 
you're  forgetting  yourself?  Data  Center  University  (DCU) 
instructors,  who  have  run  the  largest  data  centers  in  the  world, 
will  bring  you  quickly  up  to  speed  on  how  the  latest  technology 
trends  can  affect  the  Network  Critical  Physical  Infrastructure 
(NCPI)  of  your  data  center.  No  matter  where  you  are  in  the 
design/build/operate  continuum,  you  will  learn  real  world  skills 
that  you  can  apply  immediately  in  your  own  facility. 

•  On-line,  on  demand  -  web  based  courses  deliver 
what  you  need,  when  you  need  it 

•  Modular,  under  an  hour,  self-paced  courses  - 
become  an  expert  before  your  morning  coffee  break 

•  FREE  courses  now  through  March  31st,  so  enroll  now! 


www.  datacenteruniversity.  com/courses 


<<HEEE 


Data  Center  University’-  is  proud  to  be  an  Educational  Partner  of  IEEE 


GET  RESCUED  TODAY  WITH  THE  LATEST  INNOVATION  iH 
SERVICE  PROCESSOR  MANAGEMENT  -  AlterPath*  On  Board 


For  more  information  view  our  FREE  webcast 

“Right  Under  Your  Nose: 

Untapped  Service  Processors  Deliver  Savings  and  Pro:' 
presented  by  Cyclades  CTO  Marcio  Saito 

www.cyclades.com/spweb 


Download  a  FREE  white  paper  on  Service  Process.' 


www.cyclades.com/spv#b 


2/13/06  MARKETPLACE 


MARKETPLACE.  M 


CDI  offers: 

ir — •  Hardware  encryption  over  dial-up 
and  network  connections 
-•  RSA  certified  SecurlD  authentication 
without  a  network. 

-•  Patented  central  management  of  all 
remote  devices 


Full  NIST,  FIPS  140-2  certifications  *-n 

Remote  Power  control  •-ri 

Homologous  world-wide  approved  •-rf 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
www.outofbandmanagement.com 


ONE  PHONE  SYSTEM 

for  many  branch  offices 


EXTend  your  PBX  to  any 
remote  location  with: 


communications 


A  Citel  Company 


Seamlessly  connect  remote  sites  to  your  main  PBX  over  Tl,  IP, 
ISDN,  Frame  Relay,  Cable  Modem,  DSL.  Compatible  with:  Norstar, 
Meridian,  Definity,  Panasonic  DBS,  Toshiba,  NEC. 


Tl  or  IP 


BRANCH 

OFFICE 

CORPORATE  OFFICE 


CSU/DSU 


Extender 


6000 


a  a  ass 


PHONES 


PERFECT  FIT  FOR  BRANCH  OFFICES, 
TELECOMMUTERS,  MOBILE  EMPLOYEES 

New,  Refurb,  Installation,  Support 

O  IT  1/  C  M  D  Ari/col  MCK  iertiff°d  Servjce  Provider 

'<  I  L  l\  C  IN  D  M  c.  v..  tn.  5  i_  Chestnut  Street,  S-4,  Andover.  MA  01810 

,PN«  '  573.475.7200  fox  -  978.428.6200 
j  www.i-ickenbackercommumcations.com 

iiLfiSn  Email;  tom@rickenbacke-CGmmunications.com 


How  Do  You  Distribute 
Power  in  Your  Data 
Center  Cabinet? 


With  Sentry! 

CDU  Product  Family:  Metered,  Smart  &  Switched 

The  Sentry  CDU  distributes  power  for  Blade  servers  or  up  to  42  dual 
power  1U  servers  in  one  enclosure.  Single  or  3-phase  input  with 
110VAC,208VAC  or  mixed  110/208VAC  single-phase  outlet  receptacles. 


Metered  CDU 

>  Local  input  Current  Monitoring 
Smart  CDU 

>  Local  Input  Current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power  Temperatures 
and  Humidity 

Server  Technology 

Solutions  for  the  Data  Center  Equipment  Cabinet 

Server  Technology,  Inc.  toll  free  +1.800.835.1 51 5 

1040  Sandhill  Drive  tel  +1.775.284.2000 

Reno,  NV  89521-USA  fax  +1.775.284.2065 

www.servertech.com  sales@servertech.com 


Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /Off  /Reboot 


9tena  trx_  Sfc-.tr>  a  j  rrai!«r*k  C<  Serre:  in 


VISA 


info@recurrent.com 


3431  De  La  Cruz  Blvd.  Santa  Clara.  CA  95054 


tecfea«ri«giei.  iic. 


D-Series  -  Cost  Effective  Server  Racks 

Designed  to  provide  housing  for  servers,  hubs,  routers  and  network  equipment, 
along  with  structured  cabling  components,  these  enclosures  provide  a  highly 
attractive  profile  in  a  robustly  constructed  cabinet  770-496-4000 
www.optimaeps.com  ___ 

Optima  EPS 


For  the  latest  and  most 
in-depth  information  on 
network  IT  products  from 
these  companies  and  more, 

go  to  VENDOR  SOLUTIONS 

.  www.networkworld.com/vendoi^lutiorts 

NETWORKWORLD 


2.13.06  •  www.networkworld.com  *  57 


NETW0BKW0RLP 


Editorial  Index 


S \t 


&J3 


A  root 


58 


Astav 


Averto. 

Auokia 


ML 


all 


58 


14 


ystems 


41 


I  Lie  .Coal 


14 


c - - 

ierk  Point 

3d 

c 

cherOntic 

58 

Cisco 

1,  IP,  18.30,  52.  58 

ftemmuniGate 

3£L 

- -Security  

29 

■  F 

•injan  Software 

14 

-lashline ! 

43 

'nnrimail  Systems" 

innnlp. 


3L 


8, 19,  46 


joraano.. 


3Q 


ffi 


12 


U  ,  ,  ,  - 

jit^rnet^Seciirity  Systems 


8,  14,  21,28,29,34,41 


itch 


.1,30,  58 


ronPort 


3Q 


14 


Juniper  Networks 


58 


MX - 

LogLogic 

14.  29 

1  M 

V  c.  Af  ee 

14,  22,  58 

dCT  r 

11 

V  icrosof  t 

1,8,  19.P9.41 

hi  irapoint 

3Q 

fa  re 


5Z 


Advertiser  Index 


URL 


55  www  riatar.entpn  iniversitvrnm/rni  irses 

Apron 

54 

AT&T 

15 

TheNfiwATT.com 

AVAYA 

24 

avaya.rom/vtechsummit 

20 

62 

Pommi miration  npvirpR  lor  56  wwwniitnfhandmananement.nom 

55 

rit.Searr.h  Corp 

54 

www.dtsearch.rom 

32-33 

31 

www.hp.com/adapt 

39 

3  www 

4  www  ihm  rnm/midrileware/Prodiir.tive 

17 

23 

26-27 

microsoft.com/higdata 

6Q-61 

10 

53  www  nptwnrkinstmmpnts  rnm/analy7P 

Novell  1  nr 

47 

www.nnvfill.com/secure 

N-TRCN 

51 

56 

www.nptimaeps.rnm 

6 

www  recurrent  com 

Rmkenhankfir  Communications 

56 

11, 19 

53 

56 

36 

9 

WfibsensK 

13 

www.websensa.CQm/sRCunty 

Network  AoDliance 

25 

work  Intelligence 

29 

\Jo 

ia 

58 

Nortel 

30 

to 

thwest  Performance  Software 

38 

Oracle 

8.  30.  58 

LkilfilBav 

12 

HI 

» 

55 

3  . 2L 

3QStini 

 ia 

PI 

-tec 

Hat  58 

Rockliffe 

3Q 

52 

\  .Security 

] 

■  s 

SAP 

3Q 

Sralix 

3Q 

Snrintl  nnic 

29 

^endmail 

3Q 

■Siehel  Systems 

3Q 

Snftririty 

29 

SonioWall 

14.  21 

St  rikeFnrr.e  Technology 

14 

SUn  _ 1.43.46.58 

SWsoft 

25 

Symantec 

1.21.22.  58 

■  T 

3Cnm 

1.58 

TriGeo 

29 

MV 

VeriSign 

1 

Verizon 

11,52 

Viacom 

8 

Vnnane 

16 

■  w 

Whalehar.k  Systems 

. .35 

■  Y 

Yahoo 

aja 

Network  World  -  www.networkworld.com 

AD  1C  Microsoft  Corp 

Adtran  Inc  Mimosa  Systems 

Akamai  Technologies  NCS  Technology 


American  Power  Conversion 
Arbor  Networks 
Arrow  Electronics 
Avaya  -  NJ 
CDW 

Ciena  Corp 
Cisco  Systems,  Inc. 

Client  Name 
Colubris  Networks,  Inc 
Coradiant 
Cyclades  Corp 
Dell  Computer  Corp 
EMC  Corp 
Emulex  Corp 

FaceTime  Communications 
Fluke  Networks 
Hitachi  Data  Systems 
HP-CA 
IBM 

IDG  World  Expo/LinuxWorld 
Iomega 

IronPort  Systems 
IXIA 

KaplanIT 
Lancope 
LAN  Desk 

LightPointe  Communications  I 


Neon  Software  Inc 
NetQoS,  Inc. 

Network  Associates 
Network  Physics 
Nokia-AK,  Inc. 

Novell 

Oracle  Corp 
Packeteer  Inc. 

Permeo 
Pulver.com 
Quest  Software 
RoboticsTrends 
SafeNet 
SAS  Institute 
Server  Technology  Inc 
ShoreTel 

Siemens  Business  Comm. 
SPI  Dynamics 
Spirent  Communications 
SSH  Communications 
Systimax  Solutions 
Tacit  Networks 
Tripp  Lite 
Websense  Inc 
WiredRed  Software 
Zultys 


These  indexes  are  provided  as  a  reader  service.  Although  every 
effort  has  been  made  to  make  them  as  complete  as  possible,  the 
publisher  does  not  assume  liability  for  errors  or  omissions. 


•Indicates  Regional  Demographic 


Network  World  Events  and  Executive 
Forums  produces  educational  events 
and  executive  forums  worldwide, 
Events  sno  Executive  rorume  including  our  one  day  Technology  Tours, 
customized  on-site  training,  and  executive  forums  such  as  DEMO®, 
DEMOmobile®.  and  VORTEX,  as  well  as  the  DEMOIetter  and  VORTEX 
■Digest  newsletters.  For  complete  information  on  our  current  seminar 
offerings,  call  us  at  800-643-4668  or  go  to  www.networkworld.com/events. 


Publicize  your  press  coverage  in 
Network  World  by  ordering  reprints  of 
your  editorial  mentions.  Reprints 
make  great  marketing  materials  and 
are  available  in  quantities  of  500 
and  up.  To  order,  contact  Reprint 
Management  Services  at  (717)  399- 
1900  x128  or  E-mail:  networkworld@reprintbuyer.com. 


■  Network  World.  Inc. 

118Turnpike  Road,  Southborough,  MA  01772 
Phone:  (508)  460-3333 

TO  SEND  E-MAIL  TO  NWW  STAFF 

firstname_lastname@nww.com 


■  Sales  Offices 

Carol  Lasker,  Executive  Vice  President  Sales 
Jane  Weissman,  Sales  Operations  Manager 
Internet:  clasker,  jweissman@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 _ 


Evilee  Ebb,  CEO/Publisher 
John  Gallant,  President/Editorial  Director 
W.  Michael  Draper,  Chief  Operating  Officer 
Eleni  Brisbois,  Administrative  Planning  Manager 

FINANCE 

Mary  Fanning,  Vice  President  Finance 

Paul  Mercer,  Finance  Manager 

Betty  Amaro-White,  Event  Finance  Manager 

HUMAN  RESOURCES 

Eric  Cormier,  Human  Resources  Manager 

CUSTOM  MEDIA 

Michael  Siggins,  Associate  Publisher/Custom  Media 


New  York/New  Jersey 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Elisa  Della  Rocco,  Regional  Account  Director 
Agata  Joseph,  Sr.  Account  Coordinator 
Internet:  tdavis,  elisas,  ajoseph@nww.com 
(201)  634-2300/FAX:  (201)  634-9286 

Northeast 

^  Elisa  Della  Rocco,  Regional  Account  Director 
Internet:  elisas@nww.com 
(508)  460-3333/FAX:  (508)  460-1237 


MARKETING 

TerryAnn  Fitzgerald,  Sr.  Director  of  Customer  Experience 
Jeanne  Seltzer,  Marketing  Communications  Manager 
Barbara  Sullivan,  Senior  Research  Analyst 
Judy  Schultz,  Marketing  Design  Manager 
Cindy  Panzera,  Marketing  Designer 
Deborah  Vozikis,  Design  Manager  Online 
PRODUCTION  SERVICES 

Greg  Morgan,  Senior  Director,  Production  Services 
Karen  Wallace,  Senior  Director,  Advertising  Operations 
Mike  Guerin,  Manager  of  Production  Technologies 
JamiThompson,  Sr.  Production  Coordinator 
VeronicaTrotto,  Online  Operations  Coordinator 
Jane  Wilbur,  Online  AdTraffic  Coordinator 
Maro  Eremyan,  Advertising  Coordinator 
Christina  Pankievich,  Advertising  Coordinator 
CIRCULATION 

Richard  Priante,  Senior  Director  of  Circulation 
Bobbie  Cruse,  Subscriptions  Manager 

RESEARCH 

Ann  MacKay,  Research  Director 

DISTRIBUTION 

Bob  Wescott,  Distribution  Manager/(508)  879-0700 
IDG  LIST  RENTAL  SERVICES 

Amy  Bonner,  Account  Executive 

P.O.  Box  9151,  Framingham,  MA  01701-9151 

Toll  free:  (800)  434-5478  ext.  6026/Direct:  (508)  370-0826 

Fax:  (508)  370-0020 

SEMINARS.  EVENTS  AND  IDG  EXECUTIVE  FORUMS 

Neal  Silverman,  ExecutiveV.  P.,  Events  &  Executive  Forums 

Mike  Garity,  Sr.  Director,  Marketing  &  Bus.  Development 

Dale  Fisher,  Director  of  Operations 

Jacqueline  DiPerna,  Senior  Event  Coordinator 

Karen  Bornstein,  Account  Executive 

Danielle  Bourke,  Event  Operations  Coordinator 

Andrea  D'Amato,  Sr.  National  Sales  Director 

Kristin  Ballou-Cianci,  Regional  Account  Director 

Jennifer  Sand,  Regional  Account  Manager 

Cedric  Fellows,  Regional  Account  Manager 

Grace  Moy,  Exhibit  Sales  Manager 

Debra  Becker,  Dir.,  Marketing  &  Audience  Development 

Sara  Nieburg,  Senior  Marketing  Manager 

Buster  Paris,  Marketing  Specialist 

ONLINE  SERVICES 


Mid-Atlantic 

Jacqui  DiBianca,  Regional  Account  Director 
Renee  Wise,  Account  Coordinator 
Internet:  jdibian,  rwise@nww.com 
(610)  971-1530/FAX:  (610)  975-0837 

Midwest/Central 

Tom  Davis,  Associate  Publisher,  Eastern  Region 
Agata  Joseph,  Sr.  Account  Coordinator 
Internet:  tdavis,  ajoseph@nww.com 
(201)  634-2314/FAX:  (201)  712-9786 

Southeast 

Don  Seay,  Regional  Account  Director 
Renee  Wise,  Account  Coordinator 
Internet:  dseay,  rwise@nww.com 
(404)  504-6225/FAX:  (404)  504-6212 


Northern  California/Northwest 

Sandra  Kupiec,  Associate  Publisher,  Western  Region 
Karen  Wilde,  Regional  Account  Director 
Courtney  Cochrane,  Regional  Account  Director 
Vanessa Tormey,  Regional  Account  Manager 
Jennifer  Hallett,  Account  Coordinator 
CyrilTalusan,  Account  Coordinator 
Internet:  skupiec,  kwilde,  ccochrane,  vtormey,  ctalusan, 
jhallett@nww.com 
(510)  768-2800/FAX:  (510)  768-2801 

Southwest/Rockies 

Becky  Bogart,  Regional  Account  Director 

Internet:  bbogart@nww.com 

(949)  250-3006/FAX:  (949)  833-2857  

Online/Integrated  Solutions 

Kevin  Normandeau,  Exec.  Vice  President/General  Mgr.,  Online 
Susan  Cardoza,  Associate  Publisher,  Online 
Scott  Buckler,  Online  Account  Director 
Stephanie  Gutierrez,  Online  Account  Manager 
Debbie  Lovell,  Online  Account  Manager 


Kevin  Normandeau,  Exec.  Vice  President/General  Mgr.,  Online 

Dan  Gallagher,  Sr.  Director,  Audience  Development 

Mary  Mclntire,  Sr.  Manager,  Audience  Development 

Norm  Olean,  Director  of  Business  Development,  Online 

Adam  Gaffin,  Executive  Editor,  Online 

Melissa  Shaw,  Managing  Editor,  Online 

Jason  Meserve,  Multimedia  Editor 

Sheryl  Hodge,  Associate  Online  News  Editor 

Jennifer  Moberg,  Online  Marketing  Program  Manager 

ChrystieTerry,  Manager  of  Online  Audience  Development 

CLIENT  SERVICES 

Sharon  Stearns,  Director  of  Client  Services 
Frank  Coelho,  Client  Services  Manager 
Leigh  Gagin,  Client  Services  Manager 
Julie  Steiner,  Client  Services  Manager 

INFORMATION  SYSTEMS 


Kate  Zinn,  Online  Account  Director 

Denise  Landry,  Account  Coordinator 

LisaThompson,  Account  Coordinator 

Internet:  knormandeau,  scardoza,  sbuckler,  sgutierroz, 

dlovell,  kzinn,  dlandry,  lthompson@nww.com 

(508)  460-3333/FAX:  (508)  861-0467  

MARKETPLACE/EMERGING  MARKETS 

Donna  Pomponi,  Director  of  Emerging  Markets 

Enku  Gubaie,  Manager  of  Marketplace/Emerging  Markets 

Caitlin  Horgan,  Manager  of  Marketplace/Emerging  Markets 

Chris  Gibney,  Sales  Operations  Coordinator 

Internet:  dpomponi,  egubaie,  chorgan,  cgibney@nww.com 

(508)  460-3333/FAX:  (508)  460-1192 


W.  Michael  Draper,  Chief  Operating  Officer 
Tom  Kroon,  Director  of  Systems  Development 
Anne  Nickinello,  Senior  Systems  Analyst 
Puneet  Narang,  Manager  of  DatabaseTechnologies 
William  Zhang,  Senior  Software  Engineer 
Manav  Sehgal,  Senior  Software  Engineer 
Prashanth  Menon,  Database  Support  Specialist 
Rocco  Bortone,  Director  of  Network  IT 
Peter  Hebenstreit,  Senior  Network/Telecom  Engineer 
Brian  Wood,  Senior  Systems  Support  Specialist 
David  Mahoney,  Systems  Support  Specialist 
BUSINESS  SERVICES 

Mark  Anderson,  Business  Services  Supervisor 
Linda  Cavanagh,  Business  Services  Administrator 


■  IDG 

Patrick  J.  McGovern,  Chairman  of  the  Board 
Bob  Carrigan.  President.  IDG  Communications 

Network  World  is  a  publication  of  IDG,  the  world's  largest 
publisher  of  computer-related  information  and  the  leading 
global  provider  of  information  services  on  information  tech¬ 
nology.  IDG  publishes  over  300  computer  publications  in  85 
countries.  One  hundred  million  people  read  one  or  more  IDG 
publications  each  month.  Network  World  contributes  to  the 
IDG  News  Service,  offering  the  latest  on  domestic  and  inter¬ 
national  computer  news. 


58  •  www.networkworld.com  •  2.13.06 


(Clockwise,  from  upper  left)  Sun's  Scott  McNealy,  Microsoft's  Bill  Gates,  Cisco's  John  Chambers 
and  RSA's  Art  Covieilo  will  be  among  the  heavy  hitters  at  this  week's  RSA  Conference. 


RSA 

continued  from  page  1 

Quarantine  Protection  System  is  supposed 
to  work  with  3Com  and  Cisco  LAN  switch¬ 
es  to  block  network  access  to  a  Windows- 
based  desktop  machine  if  it  doesn’t  con¬ 
form  to  designated  security  policies. 
3Coms  method  will  use  the  3Com 
TippingPoint  intrusion-prevention  system 
to  detect  unauthorized  behavior  from  a 
client  machine  and  send  an  alert  to 
Microsoft’s  System  Management  Server. 

In  his  keynote  on  Wednesday  Symantec’s 
Thompson  is  expected  to  outline  a  strategy 
to  provide  security  services  that  will  protect 
Web  users  from  spyware  and  phishing 
attacks.  Symantec  also  plans  to  unveil  its 
own  network-access  control  product  this 
week,  as  is  McAfee. 

VPN  vendors  will  use  the  show  to  launch 
new  products  and  partnerships  that  tighten 
VPN  access  and  offer  higher  speeds. 

Citrix  is  expected  to  introduce  three  hard¬ 
ware  models  of  its  Access  Gateway  the 
company’s  SSL  VPN  termination  device,  to 
accommodate  more  concurrent  users.  The 
company  until  now  had  only  one  device, 
the  Access  Gateway  2000,  which  supports 
1,000  users.The  three  new  models,  the  5000, 
7000  and  9000,  support  2,000,  2,500  and 
5,000  users,  respectively.  Pricing  for  the  5000 


■  Network  World  118  Turnpike  Road,  Southborough, 
MA  01772-9108,  (508)  460-3333, 


Periodicals  postage  paid  at  Southborough,  Mass.,  and  additional 
mailing  offices.  Posted  under  Canadian  International  Publication 
agreement  #40063800.  Network  World  (ISSN  0887-7661)  is  pub¬ 
lished  weekly,  except  for  a  single  combined  issue  for  the  last 
week  in  December  and  the  first  week  in  January  by  Network 
World,  Inc.,  118Turnpike  Road,  Southborough,  MA  01772-9108, 

Network  World  is  distributed  free  of  charge  in  the  U.S.  to  qual¬ 
ified  management  or  professionals. 

To  apply  for  a  free  subscription,  go  to  www.subscribenw.com 
or  write  Network  World  at  the  address  below.  No  subscriptions 
accepted  without  complete  identification  of  subscriber's 
name,  job  function,  company  or  organization.  Based  on  the 
information  supplied,  the  publisher  reserves  the  right  to  reject 
non-qualified  requests.  Subscriptions:  1-508-490-6444. 

Nonqualified  subscribers:  $5.00  a  copy:  U.S.  •  $129  a  year; 
Canada  -  $160.50  (including  7%  GST.  GST#126659952);  Central 
4  South  America  -  $150  a  year  (surface  mail);  all  other  coun¬ 
tries  -  $300  a  year  (airmail  service).  Four  weeks  notice  is 
required  for  change  of  address.  Allow  six  weeks  for  new  sub¬ 
scription  service  to  begin.  Please  include  mailing  label  from 
front  cover  of  the  publication. 

Network  World  can  be  purchased  on  35mm  microfilm 
through  University  Microfilm  Int..  Periodical  Entry  Dept..  300 
Zebb  Road,  Ann  Arbor.  Mich.  48106. 

PHOTOCOPYRIGHTS:  Permission  to  photocopy  for  internal 
or  personal  use  or  the  internal  or  personal  use  of  specific 
clients  is  granted  by  Network  Work),  Inc.  for  libraries  and  other 
users  registered  with  the  Copyright  Clearance  Center  (CCC), 
provided  that  the  base  fee  of  $3.00  per  copy  of  the  article,  plus 
50  cents  per  page  is  paid  to  Copyright  Clearance  Center,  27 
Congress  Street.  Salem.  Mass.  01970. 

OSTMASTER:  Send  Change  of  Address  to  Network  World, 
PO.  Box  3090,  Northbrook,  IL  60065.  Canadian  Postmaster: 
Please  return  undeliverabte  copy  to  PO  Box  1632.  Windsor,  Ontario 


Copyright  2005  by  Network  World.  Inc.  All  rights  reserved. 
Reproduction  of  material  appearing  in  Network  Work)  is  for 
ridden  without  written  permission. 

Reprints  (minimum  500  copies)  and  permission  to  reprint  may 
be  purchased  from  Reprint  Management  Services  at  (717)  399 
'■900  x  128  or  networkworkJ@reprintbuyer.com. 


starts  at  $5,500;  the  7000  at  $17,500;  and  the 
9000  at  $25,000. 

Citrix  also  is  dividing  the  Access 
Gateway  product  line  into  standard  and 
advanced  editions.  The  advanced  edition 
adds  software  that  manages  which  net¬ 
work  resources  users  can  access  and 
which  functions  —  such  as  print, save  and 
view  —  they  are  allowed  to  perform 
based  on  how  trusted  the  machine  that 
they  are  using  is. 

Citrix  also  is  set  to  offer  a  scaled-down 
version  of  its  application  firewall  that  can 
guard  against  most  attacks  without  having 
to  spend  time  monitoring  Web-application 
server  traffic  first.  The  company  says  the 
new  standard  version  of  its  Citrix  NetScaler 
devices  will  block  SQL  injection,  cross-site 
scripting,  buffer  overflows  and  worm 
attacks,  representing  80%  of  the  attacks 
Web  application  servers  face. 

The  enterprise  version  of  the  NetScaler 
software  includes  a  learning  capability  that 
figures  out  what  normal  application  traffic 
looks  like,  and  can  sort  out  other  kinds  of 
threats  such  as  attacks  that  manipulate 
JavaScript,  cookies  and  URL  form  fields. 

Another  SSL  vendor,  Aventail,  plans  to  an¬ 
nounce  an  alliance  with  Arcot  to  bring  two- 
factor  authentication  into  Aventail’s  SSL 
VPN  gear.  The  Arcot  product  is  a  software 
smart  card  that  can  reside  on  a  laptop  or 
USB  storage  sticks,  making  it  possible  to 
better  determine  that  remote  users  are 
who  they  say  they  are. 

Arcot  software  will  be  embedded  in 
Aventail’s  VPN  gateways  to  enable  use  of 
the  smart  cards  and  issue  one-time  pass¬ 
words  for  sessions. 

Juniper  is  expected  to  announce  an 
upgrade  to  the  software  for  its  DX  Web- 
acceleration  appliances  so  they  can  oper¬ 
ate  more  efficiently  with  Juniper  Secure 
Access  SSL  VPN  gateways.  For  instance,  the 
acceleration  gear  will  be  able  to  load-bal¬ 
ance  VPN  requests  between  two  redundant 
VPN  gateways  that  would  otherwise  be 
deployed  with  one  sitting  idle  as  a  backup. 
The  upgrade  also  makes  the  accelerators 
see  the  gateways  as  Web  servers  so  they 
communicate  more  efficiently 

The  new  software  also  will  enable  global- 
server  load  balancing  by  designating  one 
DX  in  a  network  as  authoritative  and  giving 
it  the  ability  to  route  requests  to  the  appro¬ 
priate  DX  that  is  less  busy  or  closer,  or  the 
one  fronting  the  resources  a  user  seeks.The 
new  DX  software  is  available  in  March.  It  is 
sold  in  three  separate  packages  and  for 
three  separate  hardware  platforms,  ranging 
from  $15,000  to  $70,000. 

Nokia  is  expected  to  introduce  an  IPSec 
hardware  platform  to  support  Check  Point 
firewall/VPN  software  in  small  data  centers 
and  branch  offices.The  IP  560  has  a  6Gbps 
firewall  and  options  for  as  many  as  12  Giga¬ 
bit  Ethernet  ports.  Pricing  starts  at  $16,500. 

CipherOptic  is  scheduled  to  introduce  a 
VPN-only  box  called  the  SG  1002  that  han¬ 
dles  IPSec  encryption  at  lGbps.The  device 


is  meant  to  sit  outside  firewalls  to  promote 
low-latency  lower-cost  VPN  connections. 
The  SG  1002  costs  $30,000. 

Sun  plans  to  announce  a  set  of  code 
extensions  to  its  Solaris  10  operating  system 
that  will  provide  “sensitivity”  labeling  of  data 
and  clearance  labeling  of  users. 

This  trusted-extension  software  for  Solaris 
10,  expected  to  be  available  in  August,  will 
allow  data  sharing  to  be  restricted  based 
on  users’  assigned  privileges.  Sun  also  is 
submitting  this  trusted-extension  code  for 
review  by  the  federal  government’s 
Common  Criteria  security-evaluation  pro¬ 
gram  to  be  assessed  at  Evaluation  Assur¬ 
ance  Level  4,  a  process  that  will  probably 
take  a  year  to  complete.  The  software  certi¬ 
fication  makes  it  easier  to  sell  to  govern¬ 
ment  agencies  in  more  than  a  dozen  coun¬ 
tries  that  are  united  in  supporting  the 
Common  Criteria  program. 

In  related  news,  Red  Hat,  in  partnership 
with  IBM,  is  expected  to  announce  that  Red 
Hat  Enterprise  Linux  4  has  achieved  EAL4- 
plus  certification,  as  well  as  Federal 
Information  Processing  Standard  certifica¬ 
tion  for  encryption,  under  the  federal  gov¬ 
ernment’s  product-evaluation  programs. 

In  addition,  Sun  is  set  to  announce  it  has 
added  an  option  for  using  elliptic  curve 
cryptography  in  its  Java  System  Web  Server 
as  an  optional  alternative  to  the  RSA  algo¬ 
rithm  in  SSL.  Sun’s  Senior  Staff  Engineer 
Vipul  Gupta  noted  that  ECC  is  faster  and 
can  be  used  at  higher  key  lengths  more  eas¬ 


ily  in  small  handheld  devices. 

Oracle  is  expected  to  announce  that  its 
Identity  Management  lOg  Release  3  plat¬ 
form  will  ship  in  May  The  suite  will  incor¬ 
porate  technologies  gained  in  the  2005 
acquisitions  of  Oblix  (Web  access  man¬ 
agement  and  federation),  Octet  String  (vir¬ 
tual  directory),  Thor  (provisioning)  and 
Phaos  (federation).  Release  3,  the  first 
since  those  acquisitions,  shows  Oracle 
“both  honors  the  development  commit¬ 
ments  of  the  products  prior  to  acquisition” 
and  gives  Oracle  “broader  market  reach,” 
says  Forrester  Research  analyst  Jonathan 
Penn. 

ISS  is  expected  to  announce  that  it’s  mak¬ 
ing  the  Proventia  Network  Enterprise  Scan¬ 
ner,  previously  software  only  available  as  a 
hardware  appliance  that  starts  at  $7,250.  ISS 
also  plans  to  launch  the  Proventia  Network 
Anomaly  Detection  System  —  a  tool  for 
examining  network  activity  patterns  —  in 
partnership  with  Arbor  Networks. 

Network  World  Senior  Editors  Phil 
Hochmuth  and  John  Fontana  also  con¬ 
tributed  to  this  story. 


Go  to  www.nww.com  for  more  exclusive 
coverage: 

•  CA.  TIP  boost  ID  management  suites. 

DocFinder  2146. 

•  See  our  show  coverage  all  week  long. 

DocFinder  2145. 


2.13.06  •  www.networkworld.com  •  59 


BACKSPIN 


Mark  Gibbs 


I  n  the  commercial  whirl 
that  is  IT,  we  get  to  inter- 
I  act  with  all  sorts  of  or¬ 
ganizations,  and  despite 
e-mail  we  still  have  to  use 
the  telephone  to  deal  with  them. 

Sometimes  we  come  away  from  these  calls  happy  and 
satisfied,  but  these  days  it  seems  we  more  often  come 
away  with  visions  of  poking  the  person  we  were  just  talk¬ 
ing  to  with  a  sharp  pencil. 

Reader  Bob  Hayes  wrote  a  while  ago  with  an  example 
of  a  scoring  system  (see  Gibbsblog  at  www.nww.com, 
DocFinder  2147)  he  uses  to  rate  support  calls,  so  1 
thought  I’d  take  a  shot  at  my  own  system. 

At  the  start  of  each  call  the  company  gets  zero  points. 
Then  add  and  subtract  points  as  follows: 

•  Add  one  point  if  the  phone  is  picked  up  within  three 
rings.  Subtract  one  point  if  it  takes  more  than  eight  rings. 
Subtract  five  points  if  the  line  is  busy  Subtract  1,000  points 
if  the  number  is  no  longer  in  service. 

•  Add  one  point  if  a  human  answers.  Subtract  one-half 
point  if  it  is  an  interactive  voice  response  (IVR)  system. 
Subtract  two  points  if  the  IVR’s  voice  sounds  like  Minnie 
Mouse  crossed  with  a  really  happy  cheerleader.  Subtract 
one  point  if  the  IVR  tells  you  that  your  call  may  be  record¬ 
ed  for  quality-control  or  training  purposes.  If  there  is  no 


A  scoring  system  for  telephone  support 

i 


option  to  not  be  recorded, subtract  10  points. 

•  Subtract  one  point  if  the  first  thing  the  person  says  is 
“Please  hold,”  and  without  waiting  for  you  to  answer  puts 
you  on  hold.  Subtract  three  points  if  the  person  asks, “Can 
you  hold?”  and  without  waiting  for  an  answer,  puts  you  on 
hold.  Subtract  five  points  if  the  person  takes  you  off  hold 
and  immediately  puts  you  back  on  hold.  Subtract  one 
point  for  each  second  on  hold. 

•  Subtract  one  point  if  there  is  music  on  hold.  Add  one 
point  if  they  give  you  the  option  of  turning  off  the  music. 
Subtract  one-half  point  for  each  of  the  following  music 
attributes:  1 .  too  loud;  2.  distorted;  3.  country  music;  4.  there 
are  breaks  in  music  for  self-promotions. 

•  Subtract  three  points  if  the  person  or  IVR  tells  you  that 
you  have  to  call  another  number  for  the  service  you  want. 
Subtract  1 ,000  points  if  the  other  number  is  wrong,  busy 
or  discontinued. 

•  If  it  is  an  IVR  system, subtract  three  points  if  you  have 
to  listen  to  a  long  menu  of  choices  and  the  IVR  won’t  let 
you  enter  your  selection  until  it  finishes.  Subtract  10  points 
if  the  choice  you’re  looking  for  and  what  you  are  offered 
are  completely  different. 

•  Subtract  five  points  if  you  have  to  provide  lots  of  per¬ 
sonal  details  (your  name,  address,  account  number) 
before  the  IVR  will  allow  you  to  get  anywhere.  Subtract  20 
points  for  every  request  for  your  Social  Security  number. 


•  Subtract  10  points  if  the  first  person  you  speak  to  does 
not  have  those  details,  and  if  you  get  transferred,  subtract 
10  points  for  each  subsequent  person  without  your  details. 

•  Subtract  10  points  each  time  you  are  transferred  to  the 
wrong  person  or  department.  Subtract  500  points  if  there’s 
no  way  back  and  you  have  to  restart  your  call.  Subtract 
200  points  if  the  computer  systems  are  down  and  you 
have  to  wait  until  some  random  time  to  be  helped. 

•  Subtract  50  points  if  your  call  gets  dropped.  Subtract 
100  points  if  the  person  took  your  call-back  number  and 
never  called  you  back. 

•  Subtract  20  points  if  you’re  told  “all  operators  are  busy 
so  please  leave  a  message.”  Subtract  100  points  if  you’re 
not  offered  the  opportunity  to  leave  a  message.  Subtract 

1 ,000  points  if  no  one  responds  to  the  message  you  left. 

•  If  the  person  you  reach  is  guilty  of  any  of  the  follow¬ 
ing,  subtract  two  points  for  each  one:  barely  speaks 
English  or  has  an  accent  so  thick  it’s  almost  impossible  to 
understand;  can’t  spell;  has  an  attitude;  keeps  saying “um”; 
laughs  at  random;  is  obviously  eating.  If  the  person  keeps 
putting  you  on  hold, subtract  one  point  for  each  hold  and 
10  more  points  for  each  hold  longer  than  1  minute. 

I’m  sure  you  can  suggest  a  few  more  criteria.  I’d  also  like 
your  scores  for  any  companies  you  deal  with.  Send  your 
schemes  and  scores  to  backspin@gibbs.com. 


ETBUZZ 


News,  insights  and  oddities 


A  request:  Please  check  out  Buzzblog 


Paul  McNamara 


There’s  an  axiom  among  political  campaign  profes¬ 
sionals  that  goes  like  this:  Whenever  a  candidate  is 
speaking  to  potential  voters  —  be  it  aTV  commercial, 
door-to-door  glad-handing  or  a  televised  debate  —  make  sure  that  he  doesn't  forget 
to  explicitly  ask  his  audience  for  their  vote. 

It  is  in  that  spirit  that  I  ask  you  to  please  read  my  new  biog  called  Buzzblog  at 
www.nww.com,  DocFinder:  1032.  It  may  not  cut  your  taxes,  save  Social  Security  or 
support  your  family  values,  but  neither  will  it  kiss  your  baby  or  listen  in  on  your  pri¬ 
vate  phone  conversations  —  at  least  not  without  a  warrant. 

What  I  am  hoping  is  that  Buzzblog  will  provide  information,  both  important  and 
silly,  as  well  as  opinion  and  entertainment  value  roughly  akin  to  what  you’ve  gotten 
here  —  for  better  or  for  worse  —  over  the  past  seven  years.  Same  author,  same 
style,  roughly  the  same  swath  of  subject  material,  all  wrapped  up  in  the  now-familiar 
trappings  of  a  blog. 

The  biggest  difference  is  that  Buzzblog  will  be  updated  daily  —  several  times  a 
day  is  the  goal  —  whereas  ’Net  Buzz  remains  shackled  by  the  once- 
a-week  reality  of  Network  World  print  (not  that  Buzz  is  going  away, 
mind  you).  You  too  get  to  have  your  say  —  every  day. 

Not  too  long  ago  you  could  have  counted  me  among  the  ranks  of 
old-school  journalists  who  questioned  the  intrinsic  value  of  the  blog 
format,  and  in  particular  the  value  of  the  art  as  it  was  being  practiced 
by  the  unwashed  masses.There  remains  a  boatload  of  crappy  blogs 
written  by  a  raft  of  know-nothing  bloggers  on  every  topic  imaginable 
(and  some  you’d  rather  not  imagine).  But  there  can  be  little  doubt  that 
the  genre  has  proven  its  mettle  and  blogging  is  here  for  the  duration. 

At  least  there’s  little  doubt  in  my  mind.  While  today  marks  its  offi¬ 
cial  coming-out  party,  Buzzblog  has  been  live  for  about  two  weeks  — 
beta  mode,  if  you  will  —  and  I’ve  been  bugging  friends  and  colleagues 


RECENTLY  IN  BUZZBLOG 

McNamara's  online  archive: 

www.networkworld.com, 
DocFinder:  1032 

■  Google's  latest  Gmail 
move  drives  home  the  prob¬ 
lem  with  IM. 

■  Vonage  IPO  looks  more  like 
aTiVo  than  a  Google, 

■  Saluting  Chester  Carlson, 
the  father  of  xerography. 


to  give  it  a  read.  Get  a  load  of  this  reaction  from  one  of  those  beta  testers: 

"Arrrgh  . . .  ettu,  Paulie?  Blogs  are  execrable  and  a  blot  on  the  landscape,"  she 
writes.  “That  said,  anyone  who's  a  professional  writer  probably  generates  some¬ 
thing  that’s  worth  reading  ...  so  I'll  gladly  forward  it  around.” 

How’s  that  for  unqualified  support? 

And  she  continues:  "Just  out  of  curiosity,  vyhat  prompted  you?” 

A  variety  of  factors,  actually,  not  the  least  of  which  is  that  the  powers  that  be  here 
encouraged  me  to  give  it  a  go.  (When  the  subject  comes  up  yet  again  while  the  boss 
is  handing  you  a  holiday  bonus,  it's  time  to  take  the  hint.) The  more  affirmative  rea¬ 
sons  are  that  it's  difficult  to  live  within  the  confines  of  a  once-a-week  column  in  a 
world  where  news  happens  and  is  reported  round  the  clock.  Network  World  print  is 
published  on  Monday.  A  thought  to  share  on  Tuesday  isn't  likely  to  get  beyond  the 
water  cooler  without  a  more  immediate  outlet.  A  blog  provides  that  outlet. 

Writing  daily  is  nothing  new  to  me.  Prior  to  joining  Network  World,  I  worked  for  13 
years  at  a  daily  newspaper,  a  number  of  those  years  as  editorial  page  editor.That 
particular  job  at  a  smaller  paper  is  very  much  like  blogging:  You  Ye  a 
one-man  band  cranking  out  a  column’s  worth  of  opinions  day  after 
day  —  and  hearing  back  from  readers  who  either  approve  or  won'd 
like  to  see  you  stop  cranking.  (Let’s  not  belabor  the  fact  that  i'm  ’-dy¬ 
ing  about  snail-mail  there.) 

So  please  give  Buzzblog  a  look. 

If  you  like,  bookmark,  or  better  yet,  subscribe  to  the  RSS  feed, 

It's  a  work  in  progress,  so  don’t  hesitate  to  let  me  know  what  you 
think. 

Tell  friends. 


With  all  due  respect  to  blogs  and  Howard  Stern,  e-mail  remains  the  ■ 
of  all  media.  The  address  is  buzz@nww.com. 


» 


Find  tools  and  guidance  to  defend  your  network  at  microsoft.com/security> 


Free  Security  Training:  Help  secure  your  network  with  security 
webcasts  and  in-depth,  online  courses,  Register  now  for  free 
security  management  training,  inc  uding  upcoming  Security 
Sun.  its  in  one  of  five  major  cities. 


Microsoft  Security  Assessment  Tool:  Complete  this 
free,  online  self-assessment  to  evaluate  your  organization's 
security  practices  and  identify  areas  for  Improvement 


Antivirus  for  Exchange:  Download  a  free  trial  of  Antigen  for 
Exchange  and  arm  your  e-mail  server  with  powerful  multi-engir 
protection  from  viruses,  worms,  and  inappropriate  content. 

Free  Tools  and  Updates:  Streamline  patch  management, 

automated  tools  like  Windows  Server  Update  Services.  Ar 
verify  that  your  systems  are  configured  for  maximized  secu| 
with  Microsoft  Baseline  Security  Analyzer. 


■Ml 


A  hotel  in  Tokyo.  A  layover  in  London.  A  cafe  in  Sao  Paulo. 

Perfect  places  for  worms  and  spyware  to  find  their  way  to  your  business. 

Enter  the  Cisco  Self-Defending  Network  with  Network  Admission  Control. 
It  adapts  to  new  breeds  of  threats  as  they  are  hatched  and  stops  attacks 
before  they  do  harm.  Automatically.  Proactively.  Instinctively. 

Learn  how  self-defending  networks  are  securing  business  at 
cisco.com/powered  by. 


■Mi 


"  ~~  up 


Cisco  Systems 

powered  by 


